WIRED

GPS Signals Are Being Disrupted in Russian Cities

Navigation system monitors have seen a recent uptick in interruptions since Ukraine began launching long-range drone attacks.

WIRED

Cuba Ransomware Gang Abused Microsoft Certificates to Sign Malware

The company has taken measures to mitigate the risks, but security researchers warn of a broader threat.

WIRED

Hackers Planted Files to Frame Indian Priest Who Died in Custody

And new evidence suggests those hackers may have collaborated with the police who investigated him.

WIRED

Attackers Keep Targeting the US Electric Grid

Plus: Chinese hackers stealing US Covid relief funds, a cyberattack on the Met Opera website, and more.

WIRED

Log4j’s Log4Shell Vulnerability: One Year Later, It’s Still Lurking

Despite mitigation, one of the worst bugs in internet history is still prevalent—and being exploited.

WIRED

Popular HR and Payroll Company Sequoia Discloses a Data Breach

The company, which works with hundreds of startups, said it detected unauthorized access to personal data, including Social Security numbers.

WIRED

Apple Expands End-to-End Encryption to iCloud Backups

The company will also soon support the use of physical authentication keys with Apple ID, and is adding contact verification for iMessage in 2023.

WIRED

Scammers Are Scamming Other Scammers Out of Millions of Dollars

On cybercrime forums, user complaints about being duped may accidentally expose their real identities.

WIRED

China’s Police State Targets Zero-Covid Protesters

Plus: ICE accidentally doxes asylum seekers, Google fails to uphold a post-Roe promise, and LastPass suffers the second breach this year.

WIRED

Android Phone Makers’ Encryption Keys Stolen and Used in Malware

Device manufacturers use “platform certificates” to verify an app’s authenticity, making them particularly dangerous in the wrong hands.

WIRED

Google Moves to Block Invasive Spanish Spyware Framework

The Heliconia hacking tool exploited vulnerabilities in Chrome, Windows Defender, and Firefox, according to company security researchers.

WIRED

The Hunt for the Kingpin Behind AlphaBay, Part 6: Endgame

With AlphaBay shuttered, Operation Bayonet enters its final phase: driving the site’s refugees into a giant trap. But one refugee hatched his own plan.

WIRED

The Hunt for the Dark Web’s Biggest Kingpin, Part 5: Takedown

After months of meticulous planning, investigators finally move in to catch AlphaBay’s mastermind red-handed. Then the case takes a tragic turn.

WIRED

A Destabilizing Hack-and-Leak Operation Hits Moldova

Plus: Google’s location snooping ends in a $391 million settlement, Russian code sneaks into US government apps, and the World Cup apps set off alarms.

WIRED

Here’s How Bad a Twitter Mega-Breach Would Be

Elon Musk laid off half the staff, and mass resignations seem likely. If nobody’s there to protect the fort, what’s the worst that could happen?

WIRED

The Hunt for the Dark Web’s Biggest Kingpin, Part 4: Face to Face

The team uses a secret technique to locate AlphaBay’s server. But just as the operation heats up, the agents have an unexpected run-in with their target.

WIRED

Twitter’s SMS Two-Factor Authentication Is Melting Down

Problems with the important security feature may be some of the first signs that Elon Musk’s social network is fraying at the edges.

WIRED

The Hunt for the FTX Thieves Has Begun

Mysterious crooks took hundreds of millions of dollars from FTX just as it collapsed. Crypto-tracing blockchain analysis may provide an answer.

WIRED

Elon Musk Introduces Twitter Mayhem Mode

Plus: US midterms survive disinformation efforts, the government names the alleged Lockbit ransomware attacker, and the Powerball drawing hits a security snag.

WIRED

Russia’s Sway Over Criminal Ransomware Gangs Is Coming Into Focus

Questions about the Kremlin’s relationships with these groups remain. But researchers are finally getting some answers.

WIRED

Elon Musk's Twitter Blue Verification Is a Gift to Scammers

Anyone can get a blue tick on Twitter without proving who they are. And it’s already causing a ton of problems.

WIRED

Russia’s New Cyberwarfare in Ukraine Is Fast, Dirty, and Relentless

Security researchers see updated tactics and tools—and a tempo change—in the cyberattacks Russia’s GRU military intelligence agency is inflicting on Ukraine.

WIRED

IRS Seizes Another Silk Road Hacker’s $3.36 Billion Bitcoin Stash

A year after a billion-dollar seizure of the dark web market's crypto, the same agency found a giant trove hidden under a different hacker's floorboards.

WIRED

TikTok Admits Staff in China Can Access Europeans’ Data

Plus: Liz Truss’ phone-hacking trouble, Cash App’s sex-trafficking problem, and the rising cost of ransomware.

WIRED

The Rise of Rust, the ‘Viral’ Secure Programming Language That’s Taking Over Tech

Rust makes it impossible to introduce some of the most common security vulnerabilities. And its adoption can’t come soon enough.

WIRED

The Most Vulnerable Place on the Internet

Underwater cables keep the internet online. When they congregate in one place, things get tricky.

WIRED

You Need to Update Google Chrome, Windows, and Zoom Right Now

Plus: Important patches from Apple, VMWare, Cisco, Zimbra, SAP, and Oracle.

WIRED

China Operates Secret ‘Police Stations’ in Other Countries

Plus: The New York Post gets hacked, a huge stalkerware network is exposed, and the US claims China interfered with its Huawei probe.

WIRED

If Musk Starts Firing Twitter's Security Team, Run

What's next for the social network is anyone's guess—but here's what to watch as you wade through the privacy and security morass.

WIRED

Apple MacOS Ventura Bug Breaks Third-Party Security Tools

Your anti-malware software may not work if you upgraded to the new operating system. But Apple says a fix is on the way.

WIRED

The Hunt for the Kingpin Behind AlphaBay, Part 1: The Shadow

AlphaBay was the largest online drug bazaar in history, run by a technological mastermind who seemed untouchable—until his tech was turned against him.

WIRED

TikTok’s Security Threat Comes Into Focus

Plus: A Microsoft cloud leak exposed potential customers, new IoT security labels come to the US, and details emerge about Trump’s document stash.

WIRED

Your Microsoft Exchange Server Is a Security Liability

Endless vulnerabilities. Massive hacking campaigns. Slow and technically tough patching. It's time to say goodbye to on-premise Exchange.

WIRED

How Vice Society Got Away With a Global Ransomware Spree

Vice Society has a superpower that’s allowed it to quietly carry out attacks on schools and hospitals around the world: mediocrity.

WIRED

Elon Musk’s SpaceX Bails on Starlink Funding for Ukraine

Plus: Hackers hit the Mormon Church, Signal plans to ditch SMS for Android, and a Fat Bear election erupts in scandal.

WIRED

Google’s Pixel 7 and Pixel 7 Pro Pack New Android VPN and Tensor G2, Titan M2 Chips

The company says it hardened the security of its new flagship phones—and plans to release a built-in Android VPN.

WIRED

Binance Hackers Minted $569M in Crypto—Then It Got Complicated

Plus: The US warns of a mysterious military contractor breach, a "poisoned" version of the Tor Browser is tracking Chinese users, and more.

WIRED

The Uber Data Breach Conviction Shows Security Execs What Not to Do

Former Uber security chief Joe Sullivan’s conviction is a rare criminal consequence for an executive’s handling of a hack.

WIRED

Swatted: A Shooting Hoax Spree Is Terrorizing Schools Across the US

Sixteen states collectively suffered more than 90 false reports of school shooters during three weeks in September—and many appear to be connected.

WIRED

Microsoft Exchange Server Has a Zero-Day Problem

Plus: CIA failures allegedly got US informants killed, a former NSA worker is charged under the Espionage Act, and more.

WIRED

The Challenge of Cracking Iran’s Internet Blockade

People around the world are rallying to subvert Iran's internet shutdown, but actually pulling it off is proving difficult and risky.

WIRED

A Matrix Update Patches Serious End-to-End Encryption Flaws

The messenger protocol had gained popularity for its robust security, but vulnerabilities allowed attackers to decrypt messages and impersonate users.

WIRED

Mystery Hackers Are ‘Hyperjacking’ Targets for Insidious Spying

For decades, security researchers warned about techniques for hijacking virtualization software. Now one group has put them into practice.

WIRED

The Dire Warnings in the Lapsus$ Hacker Joyride

The fun-loving cybercriminals blamed for breaches of Uber and Rockstar are exposing weaknesses in ways others aren't.

WIRED

Slack’s and Teams’ Lax App Security Raises Alarms

New research shows how third-party apps could be exploited to infiltrate these sensitive workplace tools.

WIRED

A New Linux Tool Aims to Guard Against Supply Chain Attacks

Security firm Chainguard has created a simple, open source way for organizations to defend the cloud against some of the most insidious attacks.

WIRED

The Deep Roots of Nigeria’s Cybersecurity Problem

Despite having one of the strongest data-protection policies in Africa, the country’s enforcement and disclosure practices remain dangerously broken.

WIRED

US Border Agents May Have a Copy of Your Text Messages

Plus: An AI artist exposes surveillance of Instagram users, the US charges Iranians over a ransomware campaign, and more.

WIRED

Ukraine’s Cyberwar Chief Sounds Like He’s Winning

Yurii Shchyhol gives WIRED a rare interview about running the country’s Derzhspetszviazok and the state of the online conflict with Russia.

WIRED

iOS 16 Has 2 New Security Features for Worst-Case Scenarios

Safety Check and Lockdown Mode give people in vulnerable situations ways to quarantine themselves from acute risks.

WIRED

Police Across US Bypass Warrants With Mass Location-Tracking Tool

Plus: An unsecured database exposed face recognition data in China, ‘Cuba’ ransomware knocks out Montenegro, and more.

WIRED

TikTok Users Were Vulnerable to a Single-Click Attack

Microsoft disclosed the flaw in the Android app’s deep link verification process, which has since been fixed.

WIRED

A Windows 11 Automation Tool Can Easily Be Hijacked

Hackers can use Microsoft’s Power Automate to push out ransomware and key loggers—if they get machine access first.

WIRED

Apple Fixed a Serious iOS Security Flaw—Have You Updated Yet?

Plus: Chrome patches another zero-day flaw, Microsoft closes up 100 vulnerabilities, Android gets a significant patch, and more.

The first stop for security news | Threatpost

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

Threatpost | The first stop for security news

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

WIRED

Why the Twilio Breach Cuts So Deep

The phishing attack on the SMS giant exposes the dangers of B2B companies to the entire tech ecosystem.

WIRED

Inside the World’s Biggest Hacker Rickroll

As a graduation prank, four high school students hijacked 500 screens across six school buildings to troll their classmates and teachers.

WIRED

Janet Jackson’s ‘Rhythm Nation’ Can Crash Old Hard Drives

Plus: The Twilio hack snags a reporter, a new tool to check for spyware, and the Canadian weed pipeline gets hit by a cyberattack.

The first stop for security news | Threatpost

iPhone Users Urged to Update to Patch 2 Zero-Days

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.