Hackers Steal Personal Information From Pharma Giant Cencora

The UK Is GPS-Tagging Thousands of Migrants

Ankle tags that constantly log a person’s coordinates are part of a growing cadre of experimental surveillance tools that countries around the world are trying out on new arrivals.

LoanDepot Confirms SSNs Leaked In Breach Claimed By ALPHV/BlackCat

How the Pentagon Learned to Use Targeted Ads to Find Its Targets—and Vladimir Putin

Meet the guy who taught US intelligence agencies how to make the most of the ad tech ecosystem, "the largest information-gathering enterprise ever conceived by man."

Fox News Hacker Was Just Journalist Doing His Job, Claim Lawyers

230k Individuals Impacted By Data Breach At Australian Telco Tangerine

A Vending Machine Error Revealed Secret Face Recognition Tech

A student investigation at the University of Waterloo uncovered a system that scanned countless undergrads without consent.

A Mysterious Leak Exposed Chinese Hacking Secrets

Plus: Scammers try to dupe Apple with 5,000 fake iPhones, Avast gets fined for selling browsing data, and researchers figure out how to clone fingerprints from your phone screen.

Avast Ordered To Stop Selling Browsing Data From Its Browsing Privacy Apps

Rotech Says Third Party Hacked Partner Philips Respironics

Apple Shortcuts Vulnerability Exposes Sensitive Information

The U.S. Military Is Monitoring Another High Altitude Balloon

U-Haul Tells 67k Customers Crooks Drove Away With Their Personal Data

Here Are the Secret Locations of ShotSpotter Gunfire Sensors

The locations of microphones used to detect gunshots have been kept hidden from police and the public. A WIRED analysis of leaked coordinates confirms arguments critics have made against the technology.

Leak Reveals the Unusual Path of ‘Urgent’ Russian Threat Warning

The US Congress was preparing to vote on a key foreign surveillance program last week. Then a wild Russian threat appeared.

Apple Adds Post-Quantum Encryption To iMessage

Apple iOS 17.4: iMessage Gets Post-Quantum Encryption in New Update

Useful quantum computers aren’t a reality—yet. But in one of the biggest deployments of post-quantum encryption so far, Apple is bringing the technology to iMessage.

Signal Finally Rolls Out Usernames, So You Can Keep Your Phone Number Private

We tested the end-to-end encrypted messenger’s new feature aimed at addressing critics’ most persistent complaint. Here’s how it works.

Insider Steals 79,000 Email Addresses At Work To Promote Own Business

Vietnam To Collect Biometrics - Even DNA - For New ID Cards

SaaS Compliance through the NIST Cybersecurity Framework

The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a

Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices

Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices. "Their various malware included

How to Not Get Scammed Out of $50,000

Plus: State-backed hackers test out generative AI, the US takes down a major Russian military botnet, and 100 hospitals in Romania go offline amid a major ransomware attack.

Leak of Russian ‘Threat’ Part of a Bid to Kill US Surveillance Reform, Sources Say

A surprise disclosure of a national security threat by the House Intelligence chair was part of an effort to block legislation that aimed to limit cops and spies from buying Americans' private data.

Mysterious MMS Fingerprint Hack Used By Spyware Firm NSO Group Revealed

Hackers Got Nearly 7 Million People's Data From 23andMe

U.S. State Government Network Breached via Former Employee's Account

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization's network environment was compromised via an administrator account belonging to a former employee. "This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point," the agency said in a joint advisory published

Cybercriminals Are Stealing Face ID Scans To Break Into Bank Accounts

Backdoors That Let Cops Decrypt Messages Violate Human Rights, EU Courts Says

Section 702 Surveillance Fight Pits the White House Opposite Reproductive Rights

Prominent advocates for the rights of pregnant people are urging members of Congress to support legislation that would ban warrantless access to sensitive data as the White House fights against it.

Prudential Financial Discloses Data Breach

Zoom Patches Critical Vulnerability In Windows Applications

‘AI Girlfriends’ Are a Privacy Nightmare

Romantic chatbots collect huge amounts of data, provide vague information about how they use it, use weak password protections, and aren’t transparent, new research from Mozilla says.

DNA Testing: What Happens If Your Genetic Data Is Hacked?

Ivanti Discloses 5th Vulnerability, Doesn't Credit Researchers

ExpressVPN User Data Exposed Due To Bug

Europe's Largest Caravan Club Admits Personal Data Compromise

Crypto Ransom Attack Payments Hit Record $1 Billion In 2023

Verizon Discloses Internal Data Breach Impacting 63,000 Employees

A Backroom Deal Looms Over Section 702 Surveillance Fight

Top congressional lawmakers are meeting in private to discuss the future of a widely unpopular surveillance program, worrying members devoted to reforming Section 702.

The Hidden Injustice of Cyberattacks

Cyberattacks and criminal scams can impact anyone. But communities of color and other marginalized groups are often disproportionately impacted and lack the support to better protect themselves.

Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity

Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However, adopting cloud technologies into your infrastructure presents various cybersecurity risks and

London Underground Is Testing Real-Time AI Surveillance Tools to Spot Crime

In a test at one station, Transport for London used a computer vision system to try and detect crime and weapons, people falling on the tracks, and fare dodgers, documents obtained by WIRED show.

Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore

Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data. "This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts

Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse

A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses. The initiative, dubbed the Pall Mall Process, aims to tackle the proliferation and irresponsible use of commercial cyber intrusion tools by

WhatsApp Chats Will Soon Work With Other Encrypted Messaging Apps

New EU rules mean WhatsApp and Messenger must be interoperable with other chat apps. Here’s how that will work.

U.S. Imposes Visa Restrictions on those Involved in Illegal Spyware Surveillance

The U.S. State Department said it's implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society members. "The misuse of commercial spyware threatens privacy and freedoms of expression, peaceful assembly, and association," Secretary of State Antony Blinken said. "Such targeting has been

Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations

Italy's data protection authority (DPA) has notified ChatGPT-maker OpenAI of supposedly violating privacy laws in the region. "The available evidence pointed to the existence of breaches of the provisions contained in the E.U. GDPR [General Data Protection Regulation]," the Garante per la protezione dei dati personali (aka the Garante) said in a statement on Monday. It also said it

US Lawmakers Tell DOJ to Quit Blindly Funding ‘Predictive’ Police Tools

Members of Congress say the DOJ is funding the use of AI tools that further discriminatory policing practices. They're demanding higher standards for federal grants.

NSA Admits Secretly Buying Your Internet Browsing Data without Warrants

The U.S. National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week. "The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans' privacy are not just unethical, but illegal

23andMe Failed to Detect Account Intrusions for Months

Plus: North Korean hackers get into generative AI, a phone surveillance tool that can monitor billions of devices gets exposed, and ambient light sensors pose a new privacy risk.

The Pentagon Tried to Hide That It Bought Americans’ Data Without a Warrant

US spy agencies purchased Americans’ phone location data and internet metadata without a warrant but only admitted it after a US senator blocked the appointment of a new NSA director.

Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach

Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise's (HPE) cloud email environment to exfiltrate mailbox data. "The threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,"

Ring Will Stop Giving Cops a Free Pass on Warrantless Video Requests

The Amazon-owned home surveillance company says it is shuttering a feature in its Neighbors app that allows police to request footage from users. But it’s not shutting out the cops entirely.

U.S., U.K., Australia Sanction Russian REvil Hacker Behind Medibank Breach

Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the 2022 ransomware attack against health insurance provider Medibank. Alexander Ermakov (aka blade_runner, GistaveDore, GustaveDore, or JimJones), 33, has been tied to the breach of the Medibank network as well as the theft and release of Personally Identifiable

BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time

Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums. Fitzpatrick, who went by the online alias "pompompurin," was arrested in March 2023 in New York and was subsequently charged with conspiracy to commit access device fraud and possession of child pornography. He was later released on a

US Agencies Urged to Patch Ivanti VPNs That Are Actively Being Hacked

Plus: Microsoft says attackers accessed employee emails, Walmart fails to stop gift card fraud, “pig butchering” scams fuel violence in Myanmar, and more.

‘Stablecoins’ Enabled $40 Billion in Crypto Crime Since 2022

A new report from Chainalysis finds that stablecoins like Tether, tied to the value of the US dollar, were used in the vast majority of crypto-based scam transactions and sanctions evasion in 2023.

This Free Discovery Tool Finds and Mitigates AI-SaaS Risks

Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of AI and AI-powered SaaS applications. This will allow companies to better protect their intellectual property (IP) and data against the growing and evolving risks of AI usage. SaaS applications seem to be multiplying by the day, and so does their integration of AI

How a 27-Year-Old Codebreaker Busted the Myth of Bitcoin’s Anonymity

Once, drug dealers and money launderers saw cryptocurrency as perfectly untraceable. Then a grad student named Sarah Meiklejohn proved them all wrong—and set the stage for a decade-long crackdown.