Apple Backs Down on Its Controversial Photo-Scanning Plans

Apple Backs Down on Its Controversial Photo-Scanning Plans

“Last month we announced plans for features intended to help protect children from predators who use communication tools to recruit and exploit them, and limit the spread of Child Sexual Abuse Material,” the company said in statement Friday.

100 Million More IoT Devices Are Exposed—and They Won’t Be the Last

100 Million More IoT Devices Are Exposed—and They Won’t Be the Last

Dubbed Name:Wreck, the newly disclosed flaws are in four ubiquitous TCP/IP stacks, code that integrates network communication protocols to establish connections between devices and the internet.

‘Retaliation’ for Russia's SolarWinds Spying Isn't the Answer

‘Retaliation’ for Russia's SolarWinds Spying Isn't the Answer

The Times reported that the Biden administration plans to respond with "a series of clandestine actions across Russian networks" intended to signal that Russia's hacking campaign crossed a line—"clarifying what the United States believes are in bounds and out of bounds, and what we are prepared to do in response," as national security adviser Jake Sullivan told the paper.

The Accellion Breach Keeps Getting Worse—and More Expensive

The Accellion Breach Keeps Getting Worse—and More Expensive

Since then, dozens of companies and government organizations worldwide have acknowledged that they were breached as a result of the flaws—and many face extortion, as the ransomware group Clop has threatened to make the data public if they don't pay up.

The Best Gmail Settings You Might Not Have Used Yet

The Best Gmail Settings You Might Not Have Used Yet

In the mobile Gmail app, head to Settings > General settings > Action Confirmations and you’ll find settings to confirm before deleting, archiving, or sending emails.

China and Russia's Spying Sprees Will Take Years to Unpack

China and Russia's Spying Sprees Will Take Years to Unpack

First spotted by security firm Volexity, a nation-state group that Microsoft calls Hafnium has been using multiple zero-day exploits —which attack previously unknown vulnerabilities in software—to break into Exchange Servers, which manage email clients including Outlook.

Texas’ Icy Disaster Makes the Case for Uniting the US Grid

Texas’ Icy Disaster Makes the Case for Uniting the US Grid

But neither the eastern nor the western half of the national grid sticks tendrils into Texas in a way that would have let the state borrow large amounts of power when facing a massive, sudden freeze.

Feds Indict North Korean Hackers for Years of Heists and Scams

Feds Indict North Korean Hackers for Years of Heists and Scams

It's no secret that North Korea's hackers have rampaged around the global internet for years, stealing hundreds of millions of dollars, extorting companies, and even carrying out vendettas against perceived enemies of the Kim Jong-Un regime.

France Ties Russia's Sandworm to a Multiyear Hacking Spree

France Ties Russia's Sandworm to a Multiyear Hacking Spree

But ANSSI's report doesn't mention a supply chain compromise, and DomainTools' Slowik says the intrusions instead appear to have been carried out simply by exploiting internet-facing servers running Centreon's software inside the victims' networks.

The SolarWinds Hackers Shared Tricks With a Notorious Russian Spy Group

The SolarWinds Hackers Shared Tricks With a Notorious Russian Spy Group

On Monday morning Kaspersky published new evidence of technical similarities between malware used by the mysterious SolarWinds hackers, known by security industry names including UNC2452 and Dark Halo, and the well-known hacker group Turla, believed to be Russian in origin and also known by the names Venomous Bear and Snake.

The SolarWinds Investigation Ramps Up

The SolarWinds Investigation Ramps Up

Now, after a federal career that many credited with helping to secure the 2020 presidential election from foreign interference, Krebs is venturing into the other massive cybersecurity story of the last year: the Russian hacker intrusion into SolarWinds , a Texas-based company whose software was hijacked and used to penetrate the networks of at least half a dozen federal agencies.

Ransomware Is Headed Down a Dire Path

Ransomware Is Headed Down a Dire Path

At the end of September, an emergency room technician in the United States gave WIRED a real-time account of what it was like inside their hospital as a ransomware attack raged .

Russia’s Hacking Frenzy Is a Reckoning

Russia’s Hacking Frenzy Is a Reckoning

This week, several major United States government agencies—including the Departments of Homeland Security, Commerce, Treasury, and State—discovered that their digital systems had been breached by Russian hackers in a months-long espionage operation .

This Bluetooth Attack Can Steal a Tesla Model X in Minutes

This Bluetooth Attack Can Steal a Tesla Model X in Minutes

But one security researcher has shown how vulnerabilities in the Tesla Model X's keyless entry system allow a different sort of update: A hacker could rewrite the firmware of a key fob via Bluetooth connection, lift an unlock code from the fob, and use it to steal a Model X in just a matter of minutes.

Ransomware Hits Dozens of Hospitals in an Unprecedented Wave

Ransomware Hits Dozens of Hospitals in an Unprecedented Wave

The US government alert lays out recommendations and best practices for how hospitals can protect themselves, and private firms like Mandiant have been sharing "indicators of comprise" as well, so health care facilities can monitor their systems extra closely and try to head off potential attacks.

A China-Linked Group Repurposed Hacking Team’s Stealthy Spyware

A China-Linked Group Repurposed Hacking Team’s Stealthy Spyware

The malware the Kaspersky researchers discovered uses its UEFI foothold to plant a second, more traditional piece of spyware on the computer's hard drive, a unique piece of code Kaspersky has called MosaicRegressor.

When Coffee Machines Demand Ransom, You Know IoT Is Screwed

When Coffee Machines Demand Ransom, You Know IoT Is Screwed

The same researchers found that version 2 of the iKettle and the then-current version of the Smarter coffee maker had additional problems, including no firmware signing and no trusted enclave inside the ESP8266, the chipset that formed the brains of the devices.

The Attack That Broke Twitter Is Hitting Dozens of Companies

The Attack That Broke Twitter Is Hitting Dozens of Companies

Branching Out. As in the Twitter hack, the perpetrators don't appear to be state-sponsored hackers or foreign cybercrime organizations, but young, English-speaking hackers organizing on forums like the website and the chat service Discord, says Zack Allen, the director of threat intelligence at security firm ZeroFox, who has also worked with the industry group tracking the incidents.

ISIS Allegedly Ran a Covid-19 PPE Scam Site

ISIS Allegedly Ran a Covid-19 PPE Scam Site

In a series of civil and criminal complaints and forfeiture notices released today, the Justice Department has revealed that it seized hundreds of bitcoin and ethereum accounts, millions of dollars, and four websites from known Islamic extremist groups that were using those accounts and funds to support terrorist operations.

An Ethics Guide for Tech Gets Rewritten With Workers in Mind

An Ethics Guide for Tech Gets Rewritten With Workers in Mind

Now, the Omidyar Network has a new tool kit, designed to get tech workers talking about the way their products shape society, democracy, and more.Some companies in Silicon Valley have even created internal corporate positions to focus on those issues, like Salesforce’s Office of Ethical and Humane Use.

New Mac Ransomware Is Even More Sinister Than It Appears

New Mac Ransomware Is Even More Sinister Than It Appears

In addition to ransomware, ThiefQuest has a whole other set of spyware capabilities that allow it to exfiltrate files from an infected computer, search the system for passwords and cryptocurrency wallet data, and run a robust keylogger to grab passwords, credit card numbers, or other financial information as a user types it in.

Hackers Claim to Have ‘Dirty Laundry’ About Donald Trump

Hackers Claim to Have ‘Dirty Laundry’ About Donald Trump

We'll get to the rest of this week's security news in just a second, but before all that you need to carve out a little chunk of your day to read WIRED senior writer Andy Greenberg's profile of Marcus Hutchins , the hacker who stopped the berserking WannaCry ransomware three years ago.

Solar Panels Could Be the Best Fad Ever

Solar Panels Could Be the Best Fad Ever

I was nursing a beer at his winter holiday party as he told me about the solar panels on his Brooklyn brownstone roof.It was a neighbor from around the corner who'd seen my solar array and, like me before him, was intrigued.

Harvey Weinstein Reportedly Tests Positive for Coronavirus

Harvey Weinstein Reportedly Tests Positive for Coronavirus

Per a report in the Niagara Gazette, the one-time mogul is currently isolated at Wende Correctional Facility in western New York state, where he’s serving a 23-year sentence after being convicted earlier this month of one count of rape and one count of a criminal sex act.In other coronavirus-related news, pop mogul Rihanna’s charitable organization is donating $5 million to Covid-19 relief.

Amazon Warehouses Will Now Accept Essential Supplies Only

Amazon Warehouses Will Now Accept Essential Supplies Only

Amazon customers can expect greater availability of things like soap and dog food, and potential shipping delays when it comes to less pressing items like clothing and electronics.“We are seeing increased online shopping, and as a result some products such as household staples and medical supplies are out of stock,” reads an announcement on Amazon’s official forum for sellers.

Elite Hackers Are Using Coronavirus Emails to Set Traps

Elite Hackers Are Using Coronavirus Emails to Set Traps

This week, the Chinese firm QiAnXin spotted Russian hackers—possibly affiliated with the groups Sandworm and Fancy Bear —sending phishing emails laced with malicious document attachments to Ukrainian targets.Meanwhile, the Vietnamese security firm VinCSS detected a high volume of novel coronavirus-related phishing emails over the last two weeks attributed to government hackers.

These Sleek Lamps Illuminate the Promise of 3D Printing

These Sleek Lamps Illuminate the Promise of 3D Printing

Yang is the founder and CEO of Gantri, a San Francisco company that designs, fabricates, and sells 3D-printed lamps.The Signal desk light is one of the new lamps in Gantri's collection that was designed by the SF firm Ammunition, which is famous for some of Silicon Valley's most iconic designs.

Microsoft's Secured-Core PC Feature Protects Critical Code

Microsoft's Secured-Core PC Feature Protects Critical Code

Microsoft already offers Windows Secure Boot, a feature that checks for cryptographic signatures to confirm software integrity.Instead of relying on firmware, Microsoft has worked with AMD, Intel, and Qualcomm to make new central processing unit chips that can run integrity checks during boot in a controlled, cryptographically verified way.

New Uber Rules, Bomber-Inspired Jet Design, and More News

New Uber Rules, Bomber-Inspired Jet Design, and More News

Uber has a response to a new California law that forces the company to treat drivers like employees: "Well fine, maybe we just won't pick you up ."Uber is now allowing drivers in California to see how much a ride would pay and where it would go before they accept it.

YouTube Gaming's Most-Watched Videos Are Dominated by Scams and Cheats

YouTube Gaming's Most-Watched Videos Are Dominated by Scams and Cheats

A chat box alongside the video displays frustrated messages: “I still haven’t got the money,” or “I did all the steps.” The stream, which often sits atop YouTube Gaming’s directory, remained live last weekend for over 21 hours, during which it was viewed over 1.1 million times.