China Hijacked an NSA Hacking Tool in 2014—and Used It for Years

More than four years after a mysterious group of hackers known as the Shadow Brokers began wantonly leaking secret NSA hacking tools onto the internet, the question that debacle raised—whether any intelligence agency can prevent its "zero-day" stockpile from falling into the wrong hands—still haunts the security community.

Ex-CISA Head Chris Krebs: ‘Impeachment Is the Right Mechanism’

As the director of the US Cybersecurity and Infrastructure Security Agency, Krebs oversaw the country's election preparedness, grappling not only with potential foreign hacking threats but a firehose of disinformation from President Donald Trump and his associates.

Russia's SolarWinds Hack Is a Historic Mess

But because the SolarWinds hack was what's known as a "supply chain" attack, in which Russia compromised a trusted tool rather than using known malware to break in, Einstein failed spectacularly.

Russia Tested a Space Weapon Last Week

This week, WIRED broke the news of a Russian military intelligence hacking campaign that dates all the way back to December 2018.

Chinese Hackers Charged in Decade-Long Crime and Spying Spree

Dong would research victims and how they might be exploited; Li did the dirty work of compromising the networks and exfiltrating the data. Not to mention a hit list that included multiple videogame and pharmaceutical companies, an educational software firm, Covid-19 research, and hundreds of other victims worldwide.

Who Pulled Off the Twitter Hack?

And we took a fresh look at an old debate: whether TikTok actually poses a security threat to the US. Russian hackers are targeting Covid-19 vaccine research.

Nintendo Confirms Some 160,000 Accounts Might've Been Hacked

Earlier today, Nintendo confirmed that a recent hacking attempt on its system compromised the login IDs and passwords of some 160,000 Nintendo Network ID accounts.

Amid Its Covid-19 Crisis, China Was Still Hacking Uighurs’ iPhones

From as early as December of last year and continuing through March, Chinese hackers used so-called "watering hole" attacks to plant malware on the iPhones of Uighurs, according to new findings from the security firm Volexity.

This Map Shows the Global Spread of Zero-Day Hacking Techniques

But today, the global map of zero-day hacking has expanded far beyond the United States, Russia, and China, as more countries than ever buy themselves a spot on it.

Free Press Advocates Decry Cybercrime Charges Against Glenn Greenwald

The complaint goes to some lengths to emphasize that Greenwald was not initially a subject of the investigation into this alleged hacking group, but that an audio recording uncovered during a lawful search pointed to "direct participation of the journalist in criminal conduct."

The First BlueKeep Mass Hacking Is Finally Here—but Don't Panic

"But this is the first instance where I’ve seen it being used on a mass scale," says Marcus Hutchins, a malware researcher for security firm Kryptos Logic who was one of the first to build a working proof-of-concept for the BlueKeep vulnerability.

Russian Hackers Are Still Targeting the Olympics

Microsoft notes that the hackers, long believed to be working in the service of the Russian military intelligence agency known as the GRU, began their attacks on September 16, just ahead of reports that the Worldwide Anti-Doping Agency had found "inconsistencies" in Russian athletes' compliance with anti-doping standards, which may lead to the country's ban from the 2020 Tokyo Olympics, just as they were from the Pyeongchang Winter Games in 2018.

Iranian Hackers Targeted a US Presidential Candidate

In a 30-day stretch during August and September, Microsoft saw hackers launch 2,700 attempts to identify specific target email accounts, including those belonging to current and former US government officials, journalists, and Iranians living outside Iran.

'Simjacker' Attack Can Track Phones Just by Sending a Text

The good news is that the so-called Simjacker attack revealed this week by AdaptiveMobile Security doesn't appear to affect the major US carriers. The Treasury Department this week leveled sanctions against three North Korean hacking groups, including the Lazarus Group, a team thought responsible for the 2014 hack of Sony Pictures and other major targets.

An Unprecedented iPhone Hack, a Wi-Fi Leg Implant, and More News

A hacker has been taking advantage of iPhone security flaws, a man implanted a streaming device in his leg, and Uber and Lyft are fighting to avoid treating their drivers as employees.

Trump's Cyber Czar Is Back—and He Wants to Make Hackers Suffer

"But you never stop to believe there's an adversary outside the window interfering with the beam between the remote and TV," says Ryan, who left the NSA two years ago to start work on Trinity before recruiting Bossert six months ago.

Hack Brief: A Card-Skimming Hacker Group Hit 17K Domains—and Counting

A new report from threat detection firm RiskIQ details how Magecart hackers have found a way to scan Amazon S3 buckets—cloud repositories that hold data and other backend necessities for sites and companies—for any that are misconfigured to allow anyone with an Amazon Web Services account to not just read their contents, but write to them, implementing whatever changes they want.

How Not To Prevent a Cyberwar With Russia

"The idea that we can use cyber offense capabilities to impose sabotage-like effects, and to do so in increasingly large scale and costly ways until they get it through their head that they can’t win, I don’t think that's going to work," says Tom Bossert, who served as White House homeland security advisor and the president's most senior cybersecurity-focused official until April of last year.

Indictment Alleges Who Hacked Anthem, but Not Why

“More than 90 percent of the department’s cases alleging economic espionage over the past seven years involve China,” then-deputy attorney general Rod Rosenstein said in a December press conference announcing a wave of indictments that specifically tied hackers to the Chinese government.

Elon's Court-Approved Twitter-Sitter, Measles in LA, and More News

The dust has finally settled on Tesla CEO Elon Musk's battle with the SEC, LA is under quarantine, and the US is falling behind in SIM-swap hacking. Elon Musk is getting a stricter Twitter-sitter.

A Mystery Agent Is Doxing Iran's Hackers and Dumping Their Code

"We are exposing here the cyber tools (APT34 / OILRIG) that the ruthless Iranian Ministry of Intelligence has been using against Iran’s neighboring countries, including names of the cruel managers, and information about the activities and the goals of these cyber-attacks," read the original message posted to Telegram by the hackers in late March.

Beto O'Rourke Belonged to an Infamous '90s Hacker Group

This week ended with terror, as a shooting in New Zealand took the lives of at least 49 people at two mosques in Christchurch, New Zealand.

Security News This Week: Employees May Have Snooped on Ring Security Camera Feeds

This exposed the fact that though carriers insist they don’t sell location tracking data to third parties, they, uh, still do.

That Massive German Politician Hack Was the Work of a 20-Year-Old

Last week, politicians and celebrities in Germany were doxxed, their intimate information splashing out for all to see.

How China’s Elite Spies Stole the World’s Most Valuable Secrets

“It’s a potential foothold into hundreds of organizations.”

"More than two-thirds of the Justice Department’s cases involving thefts of trade secrets are connected to China." Deputy attorney general Rod Rosenstein

For an even greater sense of scale: The indictment alleges, among other things, that by hacking into a single New York-based MSP, APT10 was able to compromise data from companies in a dozen countries, from Brazil to the United Arab Emirates.

If China Hacked Marriott, 2014 Marked a Full-on Assault

And if you throw the Marriott data into the mix, which included passport numbers like the OPM trove, the espionage effort seems even more comprehensive. "If I were a foreign intelligence service and wanted to get a complete picture about a specific group of people, these are exactly the targets I would select," says Crane Hassold, senior director of threat research at the phishing defense firm Agari who previously worked as a digital behavior analyst for the FBI.

GOP Email Hack Shows How Bad Midterm Election Meddling Got

Though sporadic hacker intrusions and phishing campaigns targeted political entities in the lead-up to November's midterm elections, things seemed pretty quiet overall on the election-meddling front in the US.

Russian Hackers Haven't Stopped Probing the US Power Grid

But grid hacking comes in less dramatic forms as well—which makes Russia's continued probing of US critical infrastructure all the more alarming. At the CyberwarCon forum in Washington, DC on Wednesday, researchers from threat intelligence firm FireEye noted that while the US grid is relatively well-defended, and difficult to hit with a full-scale cyberattack, Russian actors have nonetheless continued to benefit from their ongoing vetting campaign. "There’s still a concentrated Russian cyber espionage campaign targeting the bulk of the US electrical grid," says FireEye analyst Alex Orleans.

DoJ Charges North Korean Hacker for Sony, WannaCry, and More

And while it highlights Sony, WannaCry, and the Bangladesh bank theft, it makes clear that the hacker’s activity extended far beyond those blockbuster incidents—and that it continues today. “The scope and damage of the computer intrusions perpetrated and caused by the subjects of this investigation, including Park, is virtually unparalleled,” reads the complaint. While the complaint singles out Park, prosecutors were also very clear that he did not act alone–an unsurprising fact given the magnitude of the operations.