US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit

US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit

The indictment also lays out new details of Sandworm's targeting of the nation of Georgia in 2019, which included an attempt to compromise the Georgian parliament in addition to a previously known campaign of web defacements across the country's internet, affecting 15,000 sites .Perhaps most significantly, the criminal charges mark the first global law enforcement response targeting Sandworm's hackers for their release of the NotPetya malware that ravaged networks across the world .

Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment

Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment

The agencies recommended security professionals immediately implement a patch to protect the devices from hacking techniques that could fully take control of the networking equipment, offering access to all the traffic they touch and a foothold for deeper exploitation of any corporate network that uses them.

Encryption-Busting EARN IT Act Advances in Senate

Encryption-Busting EARN IT Act Advances in Senate

The law enforcement operation lasted more than three months and was made possible through police access to a secure communications platform called EncroChat, which offered encrypted messaging, disappearing messages, and an emergency data wiping feature.

The Pentagon Hasn't Fixed Basic Cybersecurity Blind Spots

The Pentagon Hasn't Fixed Basic Cybersecurity Blind Spots

Now a new report from the Government Accountability Office is highlighting systemic shortcomings in the Pentagon's efforts to prioritize cybersecurity at every level and making seven recommendations for shoring up DoD's digital defenses.

India's Data Protection Bill Threatens Global Cybersecurity

India's Data Protection Bill Threatens Global Cybersecurity

It is in the clear interest of policymakers, organizations, and the public to receive feedback from security researchers directly, instead of risking the information reaching other potentially malicious parties.

FBI Takes Down Site With 12 Billion Stolen Records

FBI Takes Down Site With 12 Billion Stolen Records

But the country's high court decided in December that blocking access violated its citizens' rights, and this week it was finally restored.This week Mick Baccio left his post over "differences with campaign leadership over how to manage information security," according to a report in the Wall Street Journal.

Meet the Mad Scientist Who Wrote the Book on How to Hunt Hackers

Meet the Mad Scientist Who Wrote the Book on How to Hunt Hackers

And for a smaller core of cybersecurity practitioners within that massive readership, it’s become a kind of legend: the ur-narrative of a lone hacker hunter, a text that has inspired an entire generation of network defenders chasing their own anomalies through a vastly larger, infinitely more malicious internet.

Huge Data Leak Doxes Members of Notorious Neo-Nazi Forum

Huge Data Leak Doxes Members of Notorious Neo-Nazi Forum

Like, say, the revelation that you can hack Alexa, Google Assistant, and Siri with lasers .Take the two former Twitter employees who allegedly used their insider access to spy on behalf of Saudi Arabia —a stark reminder of how ill prepared even the biggest companies are to protect consumer data from the people who work there.

Come Hang Out With WIRED at Our 2-Day Festival

Come Hang Out With WIRED at Our 2-Day Festival

You see, there are only a few working days left before WIRED25, our two-day live event that, in many ways, brings to life the November issue of WIRED, titled Have a Nice Future: Stories of 25 People Racing to Save Us .A few months back, as we began planning the November issue, we started to feel that national malaise, the distress that surrounded the environment, health, cybersecurity, politics.

Rudy Giuliani Butt-Dialed a Reporter (Twice!)

Rudy Giuliani Butt-Dialed a Reporter (Twice!)

Because it relates the tale of how Rudy Giuliani—lawyer to an embattled president, unlikely proprietor of a cybersecurity firm—managed to butt-dial NBC News reporter Rich Shapiro not once, but twice in the last several weeks.

A Boeing Code Leak Exposes Security Flaws Deep in a 787's Guts

A Boeing Code Leak Exposes Security Flaws Deep in a 787's Guts

An attacker could potentially pivot, Santamarta says, from the in-flight entertainment system to the CIS/MS to send commands to far more sensitive components that control the plane's safety-critical systems, including its engine, brakes, and sensors.

Apple Contractors Will Stop Listening to Your Siri Recordings—For Now

Apple Contractors Will Stop Listening to Your Siri Recordings—For Now

Security News This Week: Apple Contractors Will Stop Listening to Your Siri Recordings—For Now. Justin Sullivan. After a report in The Guardian detailed Apple's use of contractors to "grade" the recordings of Siri users, the company has said it will suspend the program.

$700 Million Equifax Fine Is Still Too Little, Too Late

$700 Million Equifax Fine Is Still Too Little, Too Late

The state and federal groups that investigated Equifax touted the payout as an important wake-up call for all US corporations—especially since Equifax will also be required to make hundreds of millions of dollars of additional internal cybersecurity improvements on top of the fines.

China Distributes Spyware at Its Border and Beyond

China Distributes Spyware at Its Border and Beyond

Though they are developed by well-known companies and the location sharing is advertised for accepted uses, these apps also have the potential to be exploited by attackers who have access to victim devices.

Under Trump, the Fight Against Cybercrime Has Waned

Under Trump, the Fight Against Cybercrime Has Waned

Though the White House has not opposed specific legislation coming out of Congress—the president has signed all the cybersecurity bills sent to his desk—it also has not demonstrated an overarching strategy necessary to combat this pressing issue.

A Push to Protect Political Campaigns from Hackers Hits a Snag

A Push to Protect Political Campaigns from Hackers Hits a Snag

Now, the United States Federal Election Commission may apply the same laws to block a cybersecurity firm from offering free or low-cost defense services to campaigns, at a time when those protections are badly needed .During the 2016 US presidential election, Russian hackers not only threatened election networks and voting systems, but wreaked havoc by targeting campaigns and political parties, particularly the Democratic National Committee, and leaking troves of sensitive data.

Trump’s Homeland Security Purge Worries Cybersecurity Experts

Trump’s Homeland Security Purge Worries Cybersecurity Experts

“DHS’s voice is vital around the Situation Room table,” says Edelman “Looking ahead, as we consider issues like national security controls over AI, or limits to foreign investment, DHS is going to be more crucial than ever—and their absence of leadership could lead to some very skewed outcomes.”.

How An Entire Nation Became Russia's Test Lab for Cyberwar

How An Entire Nation Became Russia's Test Lab for Cyberwar

From that foothold, it appeared, the hackers had spread through the power companies’ networks and eventually compromised a VPN the companies had used for remote access to their network—including the highly specialized industrial control software that gives operators remote command over equipment like circuit breakers.

Turn On Auto-Updates Everywhere You Can

Turn On Auto-Updates Everywhere You Can

Turn On Auto-Updates Everywhere You Can Alyssa Foote This week, Google announced that it had patched a wicked vulnerability in Chrome, by far the most popular browser in the world.

The NSA Makes Ghidra, a Powerful Cybersecurity Tool, Open Source

The NSA Makes Ghidra, a Powerful Cybersecurity Tool, Open Source

(Like other open source code, though, expect it to have some bugs.) Joyce also noted that the NSA views the release of Ghidra as a sort of recruiting strategy, making it easier for new hires to enter the NSA at a higher level, or for cleared contractors to lend their expertise without needing to first come up to speed on the tool.

Quantum Physics Could Protect the Grid From Hackers—Maybe

Quantum Physics Could Protect the Grid From Hackers—Maybe

“It’s like working on a car with its engine running.” Sungjin Kim/Getty Images Cybersecurity experts have sounded the alarm for years: Hackers are ogling the U.S. power grid. Peters’s group thinks that a utility company could use quantum-encrypted data to communicate with their hardware.

Cybersecurity Workers Scramble to Fix a Post-Shutdown Mess

Cybersecurity Workers Scramble to Fix a Post-Shutdown Mess

Furloughed cybersecurity employees returned to expired software licenses and web encryption certificates, colleagues burned out from working on skeleton crews, and weeks-worth of unanalyzed network activity logs.

The US Leans on Private Firms to Expose Foreign Hackers

The US Leans on Private Firms to Expose Foreign Hackers

He previously held counterterrorism and intelligence roles for the US government overseas and domestically.As government-backed hackers in Russia, China, Iran, and North Korea continue to infiltrate and attack American companies, it’s often private cybersecurity firms, rather than the US government, that are publicly assigning blame.

DOJ Indicts Hackers for Ransomware That Crippled Atlanta

DOJ Indicts Hackers for Ransomware That Crippled Atlanta

Regardless of the impact on the alleged SamSam hackers specifically, the Justice Department made a statement that should resound among cybercriminals who rely on bitcoin and the dark web for anonymity.“It absolutely adds a chilling effect,” Jarvis says.

Julian Assange Charges, Japan's Top Cybersecurity Official, and More Security News This Week

Julian Assange Charges, Japan's Top Cybersecurity Official, and More Security News This Week

Security News This Week: Japan's Top Cybersecurity Official Has Never Used a ComputerTOSHIFUMI KITAMURA/AFP/Getty ImagesThe US refused to join a new global cybersecurity agreement this week—maybe because it was created by French president Emmanuel Macron, with whom President Trump isn’t on great terms with.On the same day, internet traffic that was supposed to route through Google’s cloud servers instead went haywire, traveling through unplanned servers based in the likes of Russia and China.

The Hail Mary Plan to Restart a Hacked US Electric Grid

The Hail Mary Plan to Restart a Hacked US Electric Grid

After failures plague Utility B, Utility A then needs to step in, restarting to offer redundant power to that same critical customer.In order to interact and safely share electricity, utilities also need to get their electromagnetic frequencies in tune at around 60 hertz, so part of the exercise involved not just getting Utility A and B running, but syncing them."We had 18 substations, two utilities, two command centers, and we had two generation sources that we had to bring up a crank path and synchronize," says Stan Pietrowicz, a researcher at Perspecta Labs who is working on a black start network analysis and threat detection tool through RADICS.

The US Sits out an International Cybersecurity Agreement

The US Sits out an International Cybersecurity Agreement

“The private sector is now willing to say that we can and we will do more.”"Over the past three or four years, we’ve really seen a groundswell of private leadership."Megan Stifel, Public KnowledgeIn April, Microsoft announced the Cybersecurity Tech Accord, an agreement similar to the Paris Call that was signed by more than 60 technology corporations, which it dubbed a “a Digital Geneva Convention.” In July, the company publicly advocated for the regulation of facial recognition technology and said it was developing its own set of principles for how it should be used.