A Broken Piece of Internet Backbone Might Finally Get Fixed

A Broken Piece of Internet Backbone Might Finally Get Fixed

Today the group known as Mutually Agreed Norms for Routing Security is announcing a task force specifically dedicated to helping "content delivery networks" and other cloud services adopt the filters and cryptographic checks needed to harden BGP.

7 Simple Ways to Make Your Android Phone More Secure

7 Simple Ways to Make Your Android Phone More Secure

There are times when you will want to hand your unlocked phone to the people around you—showing photos to friends, for instance, or giving it to your kids to play on—and you may want to consider putting some extra locks on the apps you want to be more secure.

Biden Must Repair—and Reinvigorate—Tech Diplomacy

Biden Must Repair—and Reinvigorate—Tech Diplomacy

The Trump administration did no favors with respect to the diplomats responsible for digital issues; it cut the State Department’s overall budget, minimized the importance of its technology work, and pulled the rug out from underneath those working in areas like free internet access and 5G supply chain policy.

This Bluetooth Attack Can Steal a Tesla Model X in Minutes

This Bluetooth Attack Can Steal a Tesla Model X in Minutes

But one security researcher has shown how vulnerabilities in the Tesla Model X's keyless entry system allow a different sort of update: A hacker could rewrite the firmware of a key fob via Bluetooth connection, lift an unlock code from the fob, and use it to steal a Model X in just a matter of minutes.

The Secret Service Is Investigating 700 Cases of Covid Relief Fraud

The Secret Service Is Investigating 700 Cases of Covid Relief Fraud

The US Military Buys Location Data From a Popular Muslim Prayer AppFor years, shadowy companies have been buying and selling your location data based on what apps you use.

Firing Christopher Krebs Crosses a Line—Even for Trump

Firing Christopher Krebs Crosses a Line—Even for Trump

Within minutes of Donald Trump tweeting that he had fired Christopher Krebs as the director of the Department of Homeland Security’s cybersecurity agency Tuesday night, Twitter slapped on a warning label that the accompanying claim about electoral fraud “is disputed.” The disinformation warning was, in some ways, a fitting denouement to a two-week-long battle between Krebs, the head of the Cybersecurity and Infrastructure Security Agency, and his boss in the Oval Office.

Microsoft Is Making a Secure PC Chip—With Intel and AMD's Help

Microsoft Is Making a Secure PC Chip—With Intel and AMD's Help

For example, AMD says that its Security Processor will work alongside Pluton to act as the hardware root of trust for the silicon chips in a system and their firmware, while Pluton can provide the root of trust for Windows.

Computer Scientists Achieve the ‘Crown Jewel’ of Cryptography

Computer Scientists Achieve the ‘Crown Jewel’ of Cryptography

In 2018, Aayush Jain, a graduate student at the University of California, Los Angeles, traveled to Japan to give a talk about a powerful cryptographic tool he and his colleagues were developing.

7 Simple Tech Tips to Keep Your Family Safe This Holiday

7 Simple Tech Tips to Keep Your Family Safe This Holiday

Most of them have auto-updates turned on by default, but it's worth double-checking with family members to make sure they're not putting off an update for whatever reason (a lack of free storage space might be a problem on older devices, or one stalled or failed update may mean no updates since the failed one.).

Rebuilding Trump’s Broken Global Tech Policy Won’t Be Easy

Rebuilding Trump’s Broken Global Tech Policy Won’t Be Easy

This is precisely why the incoming Biden administration, which emphasized multilateralism throughout the campaign, must found its global technology policy on alliances as well.

Update iOS Right Now to Fix Some Bad Security Bugs

Update iOS Right Now to Fix Some Bad Security Bugs

Click on the headlines to read them, and stay safe out there.iOS 14.2 Patches Three Actively Exploited BugsApple released its latest iOS update this week, and while the new emojis it comes with are exciting, you'll also want it to fix a raft of security issues for iPhone and iPad. iOS 14 patches 24 bugs in all, including three reported by Google's elite Project Zero team that are have been actively exploited by hackers.

13 Best Weekend Deals on Gaming, Home, and Audio Gear

13 Best Weekend Deals on Gaming, Home, and Audio Gear

These only fit the regular AirPods case and not the AirPods Pro. Bose QuietComfort 35 II Wireless Headphones for $199 ($100 off): These are still a good deal for a pair of noise-canceling over-the-ear headphones, even if they are an older model .There's a built-in button to summon Google Assistant, and the battery lasts 20 hours or more, even with active noise cancellation.

At Least Election Day Didn't Melt Down

At Least Election Day Didn't Melt Down

"We are seeing historic levels of cooperation among federal agencies and state and local election officials to secure this election and to adapt to the Covid-19 pandemic," says Mark Lindeman, acting codirector of Verified Voting, a nonpartisan nonprofit that promotes election system integrity.

The Wisconsin GOP Lost $2.3 Million in an Email Scam

The Wisconsin GOP Lost $2.3 Million in an Email Scam

We took a closer look at Berserk Bear, the Russian hacking group that for years has broken into critical US infrastructure targets—and more recently, election-adjacent systems—without ever actually causing serious mayhem.

Ransomware Hits Dozens of Hospitals in an Unprecedented Wave

Ransomware Hits Dozens of Hospitals in an Unprecedented Wave

The US government alert lays out recommendations and best practices for how hospitals can protect themselves, and private firms like Mandiant have been sharing "indicators of comprise" as well, so health care facilities can monitor their systems extra closely and try to head off potential attacks.

The Russian Hackers Playing 'Chekhov's Gun' With US Infrastructure

The Russian Hackers Playing 'Chekhov's Gun' With US Infrastructure

Last week the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency published an advisory warning that a group known as Berserk Bear—or alternately Energetic Bear, TEMP.Isotope, and Dragonfly—had carried out a broad hacking campaign against US state, local, territorial, and tribal government agencies, as well aviation sector targets.

A Hacker Is Threatening to Leak Patients' Therapy Notes

A Hacker Is Threatening to Leak Patients' Therapy Notes

The health care and mental health services provider Vastaamo says it first began investigating a possible breach at the end of September, when a hacker contacted three of the organization's employees with extortion demands.

The Unsinkable Maddie Stone, Google’s Bug-Hunting Badass

The Unsinkable Maddie Stone, Google’s Bug-Hunting Badass

Finding previously undiscovered software bugs and motivating developers to patch them quickly is core to the group’s mission: “Make zero-day hard.” But in 2019, the team broadened its focus beyond just disclosing unique zero-days the researchers found themselves to tracking and studying those that hackers actively exploit in the wild—the exact types of flaws Stone had been stamping out on Android.“The key thing to remember is that the problem we’re working on is not theoretical.

Did a Security Researcher Guess Trump’s Twitter Password?

Did a Security Researcher Guess Trump’s Twitter Password?

Earlier this week, Dutch security researcher Victor Gevers told De Volkskrant that he had recently accessed Donald Trump's Twitter account simply by guessing the password: maga2020!A few days later, he says, he saw that Trump's Twitter account had added two-factor authentication, freezing him out.

How 30 Lines of Code Blew Up a 27-Ton Generator

How 30 Lines of Code Blew Up a 27-Ton Generator

And when one cybersecurity researcher named Mike Assante dug into the details of that attack, he recognized a grid-hacking idea invented not by Russian hackers, but by the United State government, and tested a decade earlier.

12 Cyber Threats That Could Wreak Havoc on the Election

12 Cyber Threats That Could Wreak Havoc on the Election

Wednesday night, at a brief, hastily arranged press conference at FBI headquarters, four top US national security officials announced solemnly that they had evidence that two foreign adversaries, Iran and Russia, had obtained US voter data and appeared to be trying to spread disinformation about the election.

US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit

US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit

The indictment also lays out new details of Sandworm's targeting of the nation of Georgia in 2019, which included an attempt to compromise the Georgian parliament in addition to a previously known campaign of web defacements across the country's internet, affecting 15,000 sites .Perhaps most significantly, the criminal charges mark the first global law enforcement response targeting Sandworm's hackers for their release of the NotPetya malware that ravaged networks across the world .

A Cut Cable Knocked Out Virginia's Voter Registration Site

A Cut Cable Knocked Out Virginia's Voter Registration Site

The more important question to ask when a major company like Barnes and Noble gets hacked—which it did, according to an email sent to customers this week—is how much the hackers actually got away with.

Twitter’s ‘Hacked Materials’ Rule Tries to Thread an Impossible Needle

Twitter’s ‘Hacked Materials’ Rule Tries to Thread an Impossible Needle

On Thursday evening, Twitter's head of trust and safety, Vijaya Gadde, posted a thread of tweets explaining a new policy on hacked materials, in response to the firestorm of criticism it received—largely from the political right and President Donald Trump—for its decision to block the sharing of a New York Post story based on alleged private data and communications of presidential candidate Joe Biden's son, Hunter Biden.

The Law Comes for John McAfee

The Law Comes for John McAfee

Also not ideal: A Chinese-speaking hacker group has been caught repurposing an especially sneaky tool that was first disclosed years ago as part of a leak of the Italy-based Hacking Team spyware company.

Apple's T2 Security Chip Has an Unfixable Flaw

Apple's T2 Security Chip Has an Unfixable Flaw

A recently released tool is letting anyone exploit an unusual Mac vulnerability to bypass Apple's trusted T2 security chip and gain deep system access.

A Dangerous Year in America Enters Its Most Dangerous Month

A Dangerous Year in America Enters Its Most Dangerous Month

That was true even before Thursday night, when a virus that should have been easy to keep away from a responsible White House sidelined entire ranks of West Wing staff, senior Republican leaders, and hospitalized the president himself .Now, instead of a country focused on successfully defending and executing a rapidly approaching and logistically complex election, the United States is as splintered and distracted as it has been in modern history.

Paying Evil Corp Ransomware Might Land You a Big Federal Fine

Paying Evil Corp Ransomware Might Land You a Big Federal Fine

And we took a closer look at the election threats that US intelligence officials are actually worried about .Hackers managed to break into Facebook accounts and steal $4 million dollars that they spent on ads.

The Android 11 Privacy and Security Features You Should Know

The Android 11 Privacy and Security Features You Should Know

When an app first asks for permission to track location, the option to enable this all the time (even when the app isn't running) isn't available: You need to visit the app's specific page in Android Settings to do this.

Windows XP Source Code Got Leaked All Over the Internet

Windows XP Source Code Got Leaked All Over the Internet

Windows XP Source Code Leaks OnlineWindows XP's refusal to die has caused a multitude of security problems ; Microsoft stopped officially providing updates to the operating system in 2014, meaning any vulnerabilities largely don't get fixed on the millions of computers that still run it.