FreshRSS

🔒
❌ About FreshRSS
There are new available articles, click to refresh the page.
Before yesterdayWIRED

DuckDuckGo Isn’t as Private as You Think

By Andy Greenberg
Plus: A $150 million Twitter fine, a massive leak from a Chinese prison in Xinjiang, and an ISIS plot to assassinate George W. Bush.

An Actively Exploited Microsoft Zero-Day Flaw Still Has No Patch

By Lily Hay Newman
The company continues to downplay the severity of the Follina vulnerability, which remains present in all supported versions of Windows.

Google May Owe You a Chunk of $100 Million

By Andrew Couts
Plus: The US admits to cyber operations supporting Ukraine, SCOTUS investigates its own, and a Michael Flynn surveillance mystery is solved.

The Hacker Gold Rush That's Poised to Eclipse Ransomware

By Lily Hay Newman
As governments crack down on ransomware, cybercriminals may soon shift to business email compromise—already the world's most profitable type of scam.

AlphaBay Is Taking Over the Dark Web—Again

By Andy Greenberg
Five years after it was torn offline, the resurrected dark web marketplace is clawing its way back to the top of the online underworld.

A Long-Awaited Defense Against Data Leaks May Have Just Arrived

By Lily Hay Newman
MongoDB claims its new “Queryable Encryption” lets users search their databases while sensitive data stays encrypted. Oh, and its cryptography is open source.

Hackers Can Steal Your Tesla by Creating Their Own Personal Keys

By Dan Goodin, Ars Technica
A researcher found that a recent update lets anyone enroll their own key during the 130-second interval after the car is unlocked with an NFC card.

The January 6 Hearing Was a Warning

By Garrett M. Graff
The House committee's televised hearings interrogate the Capitol attack with damning new evidence. Whether it's enough to prevent another one is uncertain.

Conti's Attack Against Costa Rica Sparks a New Ransomware Era

By Matt Burgess
A pair of ransomware attacks crippled parts of the country—and rewrote the rules of cybercrime.

Russia Is Taking Over Ukraine’s Internet

By Matt Burgess
In occupied Ukraine, people’s internet is being routed to Russia—and subjected to its powerful censorship and surveillance machine.

Police Linked to Hacking Campaign to Frame Indian Activists

By Andy Greenberg
New details connect police in India to a plot to plant evidence on victims' computers that led to their arrest.

Here’s Why You’re Still Stuck in Robocall Hell

By Lily Hay Newman
Despite major progress fighting spam and scams, the roots of the problem go far deeper than your phone company’s defenses.

An Alleged Russian Spy Was Busted Trying to Intern at The Hague

By Matt Burgess
Plus: Firefox adds new privacy protections, a big Intel and AMD chip flaw, and more of the week’s top security news.

The Ghost of Internet Explorer Will Haunt the Web for Years

By Lily Hay Newman
Microsoft's legacy browser may be dead—but its remnants are not going anywhere, and neither are its lingering security risks.

Google Warns of New Spyware Targeting iOS and Android Users

By Lily Hay Newman
The spyware has been used to target people in Italy, Kazakhstan, and Syria, researchers at Google and Lookout have found.

The Post-Roe Privacy Nightmare Has Arrived

By Andrew Couts
Plus: Microsoft details Russia’s Ukraine hacking campaign, Meta’s election integrity efforts dwindle, and more.

You Need to Update Windows and Chrome Right Now

By Kate O'Flaherty
Plus: Google issues fixes for Android bugs. And Cisco, Citrix, SAP, WordPress, and more issue major patches for enterprise systems.

A New, Remarkably Sophisticated Malware Is Attacking Routers

By Dan Goodin, Ars Technica
Researchers say the remote-access Trojan ZuoRAT is likely the work of a nation-state and has infected at least 80 different targets.

The Worst Hacks and Breaches of 2022 So Far

By Lily Hay Newman
From cryptocurrency thefts to intrusions into telecom giants, state-backed attackers have had a field day in the year’s first half.

How to Avoid the Worst Instagram Scams

By Matt Burgess
Fake sellers. Competitions. Crypto cons. There are plenty of grifts on the platform, but you don’t have to get sucked in.

Apple’s Lockdown Mode Aims to Counter Spyware Threats

By Lily Hay Newman
Starting with iOS 16, people who are at risk of being targeted with spyware will have some much-needed help.

Will These Algorithms Save You From Quantum Threats?

By Amit Katwala
Quantum-proof encryption is here—decades before it can be put to the test.

Chinese Police Exposed 1B People's Data in Unprecedented Leak

By Lily Hay Newman
Plus: A duplicitous bug bounty scheme, the iPhone's new “lockdown mode,” and more of the week's top security news.

New ‘Retbleed’ Attack Can Swipe Key Data From Intel and AMD CPUs

By Dan Goodin, Ars Technica
The exploit can leak password information and other sensitive material, but the chipmakers are rolling out mitigations.

A New Attack Can Unmask Anonymous Users on Any Major Browser

By Lily Hay Newman
Researchers have found a way to use the web's basic functions to identify who visits a site—without the user detecting the hack.

Amazon Handed Ring Videos to Cops Without Warrants

By Matt Burgess
Plus: A wild Indian cricket scam, an elite CIA hacker is found guilty of passing secrets to WikiLeaks, and more of the week's top security news.

Instagram Slow to Tackle Bots Targeting Iranian Women’s Groups

By Lily Hay Newman
Despite alerting Meta months ago, feminist groups say tens of thousands of fake accounts continue to bombard them on the platform.

The 2022 US Midterm Elections' Top Security Issue: Death Threats

By Lily Hay Newman
While cybersecurity and foreign meddling remain priorities, domestic threats against election workers have risen to the top of the list.

The January 6 Secret Service Text Scandal Turns Criminal

By Lily Hay Newman
Plus: The FCC cracks down on car warranty robocalls, Thai activists get targeted by NSO's Pegasus, and the Russia-Ukraine cyberwar continues.

A New Attack Easily Knocked Out a Potential Encryption Algorithm

By Dan Goodin, Ars Technica
SIKE was a contender for post-quantum-computing encryption. It took researchers an hour and a single PC to break it.

The Microsoft Team Racing to Catch Bugs Before They Happen

By Lily Hay Newman
What's it like to be responsible for a billion people's digital security? Just ask the company's Morse researchers.

An Attack on Albanian Government Suggests New Iranian Aggression

By Lily Hay Newman
A Tehran-linked hack of a NATO member marks a significant escalation against the backdrop of US-Iran nuclear talks.

A Slack Bug Exposed Some Users’ Hashed Passwords for 5 Years

By Lily Hay Newman
The exposure of cryptographically scrambled passwords isn’t a worst-case scenario—but it isn’t great, either.

The US Emergency Alert System Has Dangerous Flaws

By Andrew Couts
Plus: A crypto-heist extravaganza, a peek at an NSO spyware dashboard, and more.

GitHub Moves to Guard Open Source Against Supply Chain Attacks

By Lily Hay Newman
The popular Microsoft-owned code repository plans to roll out code signing, which will help beef up the security of open source projects.

One of 5G’s Biggest Features Is a Security Minefield

By Lily Hay Newman
New research found troubling vulnerabilities in the 5G platforms carriers offer to wrangle embedded device data.

The Hacking of Starlink Terminals Has Begun

By Matt Burgess
It cost a researcher only $25 worth of parts to create a tool that allows custom code to run on the satellite dishes.

Google's Android Red Team Had a Full Pixel 6 Pwn Before Launch

By Lily Hay Newman
Before the flagship phone ever landed in users’ hands, the security team thoroughly hacked it by finding bugs and developing exploits.

Sloppy Software Patches Are a ‘Disturbing Trend’

By Lily Hay Newman
The Zero Day Initiative has found a concerning uptick in security updates that fail to fix vulnerabilities.

The US Offers a $10M Bounty for Intel on Conti Ransomware Gang

By Matt Burgess
The State Department organization has called for people to share details about five key members of the hacking group.

Zoom’s Auto-Update Feature Came With Hidden Risks on Mac

By Lily Hay Newman
The popular video meeting app makes it easy to keep the software up to date—but it also introduced vulnerabilities.

A Single Flaw Broke Every Layer of Security in MacOS

By Matt Burgess
An injection flaw allowed a researcher to access all files on a Mac. Apple issued a fix, but some machines may still be vulnerable.

Flaw in the VA Medical Records Platform May Put Patients at Risk

By Lily Hay Newman
The Veterans Affairs’ VistA software has a vulnerability that could let an attacker “masquerade as a doctor,” a security researcher warns.

A New Tractor Jailbreak Rides the Right-to-Repair Wave

By Lily Hay Newman
A hacker has formulated an exploit that provides root access to two popular models of the company’s farm equipment.

Spyware Hunters Are Expanding Their Tool Set

By Lily Hay Newman
This invasive malware isn’t just for phones—it can target your PC too. But a new batch of algorithms aims to weed out this threat.

Janet Jackson’s ‘Rhythm Nation’ Can Crash Old Hard Drives

By Lily Hay Newman
Plus: The Twilio hack snags a reporter, a new tool to check for spyware, and the Canadian weed pipeline gets hit by a cyberattack.

Inside the World’s Biggest Hacker Rickroll

By Matt Burgess
As a graduation prank, four high school students hijacked 500 screens across six school buildings to troll their classmates and teachers.

Why the Twilio Breach Cuts So Deep

By Lily Hay Newman
The phishing attack on the SMS giant exposes the dangers of B2B companies to the entire tech ecosystem.

Apple Fixed a Serious iOS Security Flaw—Have You Updated Yet?

By Kate O'Flaherty
Plus: Chrome patches another zero-day flaw, Microsoft closes up 100 vulnerabilities, Android gets a significant patch, and more.

A Windows 11 Automation Tool Can Easily Be Hijacked

By Matt Burgess
Hackers can use Microsoft’s Power Automate to push out ransomware and key loggers—if they get machine access first.

TikTok Users Were Vulnerable to a Single-Click Attack

By Dan Goodin, Ars Technica
Microsoft disclosed the flaw in the Android app’s deep link verification process, which has since been fixed.

Police Across US Bypass Warrants With Mass Location-Tracking Tool

By Lily Hay Newman
Plus: An unsecured database exposed face recognition data in China, ‘Cuba’ ransomware knocks out Montenegro, and more.

iOS 16 Has 2 New Security Features for Worst-Case Scenarios

By Lily Hay Newman
Safety Check and Lockdown Mode give people in vulnerable situations ways to quarantine themselves from acute risks.

Ukraine’s Cyberwar Chief Sounds Like He’s Winning

By Chris Stokel-Walker
Yurii Shchyhol gives WIRED a rare interview about running the country’s Derzhspetszviazok and the state of the online conflict with Russia.

US Border Agents May Have a Copy of Your Text Messages

By Andrew Couts
Plus: An AI artist exposes surveillance of Instagram users, the US charges Iranians over a ransomware campaign, and more.

The Deep Roots of Nigeria’s Cybersecurity Problem

By Olatunji Olaigbe
Despite having one of the strongest data-protection policies in Africa, the country’s enforcement and disclosure practices remain dangerously broken.

Telegram Has a Serious Doxing Problem

By Peter Guest
The encrypted messaging app is a haven for politically motivated vitriol, but users are increasingly bringing threats to targets’ doorsteps.

A New Linux Tool Aims to Guard Against Supply Chain Attacks

By Lily Hay Newman
Security firm Chainguard has created a simple, open source way for organizations to defend the cloud against some of the most insidious attacks.

Slack’s and Teams’ Lax App Security Raises Alarms

By Andy Greenberg
New research shows how third-party apps could be exploited to infiltrate these sensitive workplace tools.

The Dire Warnings in the Lapsus$ Hacker Joyride

By Lily Hay Newman
The fun-loving cybercriminals blamed for breaches of Uber and Rockstar are exposing weaknesses in ways others aren't.
❌