WIRED

Microsoft’s AI Red Team Has Already Made the Case for Itself

Since 2018, a dedicated team within Microsoft has attacked machine learning systems to make them safer. But with the public release of new generative AI tools, the field is already evolving.

WIRED

Criminals Have Created Their Own ChatGPT Clones

Cybercriminals are touting large language models that could help them with phishing or creating malware. But the AI chatbots could just be their own kind of scam.

WIRED

Security News This Week: The Cloud Company at the Center of a Global Hacking Spree

Plus: A framework for encrypting social media, Russia-backed hacking through Microsoft Teams, and the Bitfinex Crypto Couple pleads guilty.

WIRED

Free Airline Miles, Hotel Points, and User Data Put at Risk by Flaws in Points Platform

Flaws in the Points.com platform, which is used to manage dozens of major travel rewards programs, exposed user data—and could have let an attacker snag some extra perks.

WIRED

A New Attack Impacts ChatGPT—and No One Knows How to Stop It

Researchers found a simple way to make ChatGPT, Bard, and other chatbots misbehave, proving that AI is hard to tame.

WIRED

Twitter Scammers Stole $1,000 From My Friend—So I Hunted Them Down

After scammers duped a friend with a hacked Twitter account and a “deal” on a MacBook, I enlisted the help of a fellow threat researcher to trace the criminals’ offline identities.

WIRED

TETRA Radio Code Encryption Has a Flaw: A Backdoor

A secret encryption cipher baked into radio systems used by critical infrastructure workers, police, and others around the world is finally seeing sunlight. Researchers say it isn’t pretty.

WIRED

China’s Breach of Microsoft Cloud Email May Expose Deeper Problems

Plus: Microsoft expands access to premium security features, AI child sexual abuse material is on the rise, and Netflix’s password crackdown has its intended effect.

WIRED

Satellites Are Rife With Basic Security Flaws

German researchers gained rare access to three satellites and found that they're years behind normal cybersecurity standards.

WIRED

How a Cloud Flaw Gave Chinese Spies a Key to Microsoft’s Kingdom

Microsoft says hackers somehow stole a cryptographic key, perhaps from its own network, that let them forge user identities and slip past cloud defenses.

WIRED

Ransomware Attacks Are on the Rise, Again

Ransomware attacks tumbled in 2022, offering hope that the tide was turning against the criminal gangs behind them. Then things got a whole lot worse.

WIRED

Silk Road’s Second-in-Command, Variety Jones, Gets 20 Years in Prison

Roger Thomas Clark, also known as Variety Jones, will spend much of the rest of his life in prison for his key role in building the world’s first dark-web drug market.

WIRED

Russia’s Notorious Troll Farm Disbands

Plus: A French bill would allow spying via phone cameras, ATM skimmers target welfare families, and Japan’s largest cargo port gets hit with ransomware.

WIRED

EV Charger Hacking Poses a ‘Catastrophic’ Risk

Vulnerabilities in electric vehicle charging stations and a lack of broad standards threaten drivers—and the power grid.

WIRED

US Supreme Court Hands Cyberstalkers a First Amendment Victory

Plus: Hackers knock out Russian military satellite communications, a spyware maker gets breached, and the SEC targets a victim company's CISO.

WIRED

Apple, Google, and MOVEit Just Patched Serious Security Flaws

Plus: Microsoft fixes 78 vulnerabilities, VMWare plugs a flaw already used in attacks, and more critical updates from June.

WIRED

How Your Real Flight Reservation Can Be Used to Scam You

Scammers use a booking technicality, traveler confusion, and promises of dirt-cheap tickets to offer hot deals that are anything but.

WIRED

Update Your iPhone Right Now to Fix 2 Apple Zero Days

Plus: Discord has a child predator problem, fears rise of China spying from Cuba, and hackers try to blackmail Reddit.

WIRED

A Newly Named Group of GRU Hackers is Wreaking Havoc in Ukraine

Plus: The arrest of an alleged Lockbit ransomware hacker, the wild tale of a problematic FBI informant, and one of North Korea’s biggest crypto heists.

WIRED

Clop Hacking Rampage Hits US Agencies and Exposes Data of Millions

The ransomware gang Clop exploited a vulnerability in a file transfer service. The flaw is now patched, but the damage is still coming into focus.

WIRED

The US Navy, NATO, and NASA Are Using a Shady Chinese Company’s Encryption Chips

The US government warns encryption chipmaker Hualan has suspicious ties to China’s military. Yet US agencies still use one of its subsidiary’s chips, raising fears of a backdoor.

WIRED

A Massive Vaccine Database Leak Exposes IDs of Millions of Indians

Personal information, including ID documents and phone numbers, have been released on Telegram.

WIRED

9 Years After the Mt. Gox Hack, Feds Indict Alleged Culprits

Plus: Instagram’s CSAM network gets exposed, Clop hackers claim credit for MOVEit Transfer exploit, and a $35 million crypto heist has North Korean ties.

WIRED

The Bold Plan to Create Cyber 311 Hotlines

UT-Austin will join a growing movement to launch cybersecurity clinics for cities and small businesses that often fall through the cracks.

WIRED

Hacks Against Ukraine's Emergency Response Services Rise During Bombings

Data from Cloudflare's free digital defense service, Project Galileo, illuminates new links between online and offline attacks.

WIRED

AI Is Being Used to ‘Turbocharge’ Scams

Plus: Amazon’s Ring was ordered to delete algorithms, North Korea’s failed spy satellite, and a rogue drone “attack” isn’t what it seems.

WIRED

How AI Protects (and Attacks) Your Inbox

Criminals may use artificial intelligence to scam you. Companies, like Google, are looking for ways AI and machine learning can help prevent phishing.

WIRED

Kaspersky Says New Zero-Day Malware Hit iPhones—Including Its Own

On the same day, Russia’s FSB intelligence service launched wild claims of NSA and Apple hacking thousands of Russians.

WIRED

Apple's iOS 16.5 Fixes 3 Security Bugs Already Used in Attacks

Plus: Microsoft patches two zero-day flaws, Google’s Android and Chrome get some much-needed updates, and more.

WIRED

Millions of Gigabyte Motherboards Were Sold With a Firmware Backdoor

Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.

WIRED

Bcrypt, a Popular Password Hashing Algorithm, Starts Its Long Goodbye

The coinventor of “bcrypt” is reflecting on the ubiquitous function’s 25 years and channeling cybersecurity’s core themes into electronic dance music.

WIRED

The Security Hole at the Heart of ChatGPT and Bing

Indirect prompt-injection attacks can leave people vulnerable to scams and data theft when they use the AI chatbots.

WIRED

China Hacks US Critical Networks in Guam, Raising Cyberwar Fears

Researchers say the state-sponsored espionage operation may also lay the groundwork for disruptive cyberattacks.

WIRED

There’s Finally a Way to Improve Cloud Container Registry Security

“Container registries” are ubiquitous software clearinghouses, but they’ve been exposed for years. Chainguard says it now has a solution.

WIRED

The Real Risks in Google’s New .Zip and .Mov Domains

While the company’s new top-level domains could be used in phishing attacks, security researchers are divided on how big of a problem they really pose.

WIRED

A TikTok ‘Car Theft’ Challenge Is Costing Hyundai $200 Million

Plus: The FBI gets busted abusing a spy tool, an ex-Apple engineer is charged with corporate espionage, and collection of airborne DNA raises new privacy risks.

WIRED

The Underground History of Turla, Russia's Most Ingenious Hacker Group

From USB worms to satellite-based hacking, Russia’s FSB hackers, known as Turla, have spent 25 years distinguishing themselves as “adversary number one.”

WIRED

A Mysterious Group Has Ties to 15 Years of Ukraine-Russia Hacks

Kaspersky researchers have uncovered clues that further illuminate the hackers’ activities, which appear to have begun far earlier than originally believed.

WIRED

ChatGPT Scams Are Infiltrating Apple's App Store and Google Play

An explosion of interest in OpenAI’s sophisticated chatbot means a proliferation of “fleeceware” apps that trick users with sneaky in-app subscriptions.

WIRED

Toyota Leaked Vehicle Data of 2 Million Customers

The FBI disables notorious Russia-linked malware, the EU edges toward a facial recognition ban, and security firm Dragos has an intrusion of its own.

WIRED

A Republican-Led Lawsuit Threatens Critical US Cyber Protections

Three states are suing to block security rules for water facilities. If they win, it may open the floodgates for challenges to other cyber rules.

WIRED

A Mysterious New Hacker Group, Red Stinger, Is Lurking in Ukraine’s Cyberspace

The unidentified attackers have targeted people on both sides of Russia’s war against Ukraine, carrying out espionage operations that suggest state funding.

WIRED

The Team of Sleuths Quietly Hunting Cyberattack-for-Hire Services

For a decade, a group called Big Pipes has worked behind the scenes with the FBI to target the worst cybercriminal “booter” services plaguing the internet.

WIRED

Russian ‘Ghost Ships’ Identified Near the Nord Stream Blasts

Plus: Apple and Google plan to stop AirTag stalking, Meta violated the FTC’s privacy order, and how to tell if your car is tracking you.

WIRED

Meta Moves to Counter New Malware and Repeat Account Takeovers

The company is adding new tools as bad actors use ChatGPT-themed lures and mask their infrastructure in an attempt to trick victims and elude defenders.

WIRED

Doctors Behind Mifepristone Ban Called ‘Christians’ a Top Threat

Leaked documents reveal that the American College of Pediatricians viewed “mainstream medicine” and “nominal Christians” as its opposition.

WIRED

American College of Pediatricians Leak Exposes 10,000 Confidential Files

A Google Drive left public on the American College of Pediatricians’ website exposed detailed financial records, sensitive member details, and more.

WIRED

Cops Just Revealed a Record-Breaking Dark Web Dragnet

Operation SpecTor likely drew on leads from multiple dark web market busts, including the secret takedown of Monopoly Market in 2021.

WIRED

SolarWinds: The Untold Story of the Boldest Supply-Chain Hack

The attackers were in thousands of corporate and government networks. They might still be there now. Behind the scenes of the SolarWinds investigation.

WIRED

Apple, Google, and Microsoft Just Fixed Zero-Day Security Flaws

Firefox gets a needed tune-up, SolarWinds squashes two high-severity bugs, Oracle patches 433 vulnerabilities, and more updates you should make now.

WIRED

DOJ Detected SolarWinds Breach Months Before Public Disclosure

In May 2020, the US Department of Justice noticed Russian hackers in its network but did not realize the significance of what it had found for six months.

WIRED

NSA Cybersecurity Director Says ‘Buckle Up’ for Generative AI

The security issues raised by ChatGPT and similar tech are just beginning to emerge, but Rob Joyce says it’s time to prepare for what comes next.

WIRED

A Security Team Is Turning This Malware Gang’s Tricks Against It

The cybercriminals behind the Gootloader malware have found clever ways to avoid detection. But researchers are using those same mechanisms to stop them.

WIRED

Google’s Authenticator App Now Lets You Sync 2FA Codes Across Devices

You can now sync sign-in codes across devices—but they aren’t end-to-end encrypted.

WIRED

Intel Let Google Cloud Hack Its New Secure Chips and Found 10 Bugs

To protect its Confidential Computing cloud infrastructure and gain critical insights, Google leans on its relationships with chipmakers.

WIRED

Hacker Group Names Are Now Absurdly Out of Control

Pumpkin Sandstorm. Spandex Tempest. Charming Kitten. Is this really how we want to name the hackers wreaking havoc worldwide?

WIRED

Criminals Are Using Tiny Devices to Hack and Steal Cars

Apple thwarts NSO’s spyware, the rise of a GPT-4 black market, Russia targets Starlink internet connections, and more.

WIRED

The Huge 3CX Breach Was Actually 2 Linked Supply Chain Attacks

The mass compromise of the VoIP firm's customers is the first confirmed incident where one software-supply-chain attack enabled another, researchers say.

WIRED

The Hacker Who Hijacked Matt Walsh’s Twitter Was Just ‘Bored’

The breach of the right-wing provocateur was simply a way of “stirring up some drama,” the attacker tells WIRED. But the damage could have been much worse.

WIRED

Used Routers Often Come Loaded With Corporate Secrets

More than half of the enterprise routers researchers bought secondhand hadn’t been wiped, exposing sensitive info like login credentials and customer data.