The new generation of hardware authentication key includes support for cryptographic passkeys as Google pushes adoption of the more secure login alternative.
In its plans to implement a White House executive order, CISA aims to strike a balance between promoting AI adoption for national security and defending against its malicious use.
Netflix, Spotify, Twitter, PayPal, Slack. All down for millions of people. How a group of teen friends plunged into an underworld of cybercrime and broke the internet—then went to work for the FBI.
Russia's most notorious military hackers successfully sabotaged Ukraine's power grid for the third time last year. And in this case, the blackout coincided with a physical attack.
Following a string of serious security incidents, Microsoft says it has a plan to deal with escalating threats from cybercriminals and state-backed hackers.
Plus: Details emerge of a US government social media-scanning tool that flags “derogatory” speech, and researchers find vulnerabilities in the global mobile communications network.
A recent breach of authentication giant Okta has impacted nearly 200 of its clients. But repeated incidents and the company’s delayed disclosure have security experts calling foul.
Stefan Thomas lost the password to an encrypted USB drive holding 7,002 bitcoins. One team of hackers believes they can unlock it—if they can get Thomas to let them.
Plus: IT workers secretly funnel money to North Korea, a court in the US upholds keyword search warrants, and WhatsApp gets a passwordless upgrade on Android
Whoever looted FTX on the day of its bankruptcy has now moved the stolen money through a long string of intermediaries—and eventually some that look Russian in origin.
By Lily Hay Newman, Matt Burgess — October 9th 2023 at 22:21
Since the conflict escalated, hackers have targeted dozens of government websites and media outlets with defacements and DDoS attacks, and attempted to overload targets with junk traffic to bring them down.
The same chaotic day FTX declared bankruptcy, someone began stealing hundreds of millions of dollars from its coffers. A WIRED investigation reveals the company’s “very crazy night” trying to stop them.
At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data.
Plus: Mozilla patches 10 Firefox bugs, Cisco fixes a vulnerability with a rare maximum severity score, and SAP releases updates to stamp out three highly critical flaws.
Plus: MGM hackers hit more than just casinos, Microsoft researchers accidentally leak terabytes of data, and China goes on the PR offensive over cyberespionage.
Authorities have sanctioned 11 alleged members of the cybercriminal groups, while the US Justice Department unsealed three federal indictments against nine people accused of being members.
After leaving many questions unanswered, Microsoft explains in a new postmortem the series of slipups that allowed attackers to steal and abuse a valuable cryptographic key.
Chatbots like OpenAI’s ChatGPT and Google’s Bard are vulnerable to indirect prompt injection attacks. Security researchers say the holes can be plugged—sort of.
Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.
By Matt Burgess, Lily Hay Newman — August 30th 2023 at 17:37
A WIRED investigation into a cache of documents posted by an unknown figure lays bare the Trickbot ransomware gang’s secrets, including the identity of a central member.
The sabotage of more than 20 trains in Poland by apparent supporters of Russia was carried out with a simple “radio-stop” command anyone could broadcast with $30 in equipment.
The US Secret Service’s relationship with the Oath Keepers gets revealed, Tornado Cash cofounders get indicted, and a UK court says a teen is behind a Lapsus$ hacking spree.
Musician Alex Pall spoke with WIRED about his VC firm, the importance of raising cybersecurity awareness in a rapidly digitizing world, and his surprise that hackers know how to go hard.
An innovation agency within the US Department of Health and Human Services will fund research into better defenses for the US health care system’s digital infrastructure.
The macOS Background Task Manager tool is supposed to spot potentially malicious software on your machine. But a researcher says it has troubling flaws.
GitHub has spent two years researching and slowly rolling out its multifactor authentication system. Soon it will be mandatory for all 100 million users—with no opt-out.
In 2008, Boston’s transit authority sued to stop MIT hackers from presenting at the Defcon hacker conference on how to get free subway rides. Today, four teens picked up where they left off.
Security researchers accessed an internal camera inside the Deckmate 2 shuffler to learn the exact deck order—and the hand of every player at a poker table.
The vulnerability could allow attackers to take advantage of an information leak to steal sensitive details like private messages, passwords, and encryption keys.
Since 2018, a dedicated team within Microsoft has attacked machine learning systems to make them safer. But with the public release of new generative AI tools, the field is already evolving.
Cybercriminals are touting large language models that could help them with phishing or creating malware. But the AI chatbots could just be their own kind of scam.
Login
FreshRSS