• U.S. State Department blames Russia for cyberattacks that hit neighboring Georgia in October 2019

• By identifying Russia's digital assaults on neighbors, US hopes to raise awareness of ongoing GRU attacks on US Read the rest

Cliff Stoll (previously) is a computing legend: his 1989 book The Cuckoo's Egg tells the story of how he was drafted to help run Lawrence Berkeley Lab's computers (he was a physicist who knew a lot about Unix systems), and then discovered a $0.75 billing discrepancy that set him on the trail of East German hackers working for the Soviet Union, using his servers as a staging point to infiltrate US military networks. Read the rest

Wired security reporter Andy Greenberg's latest book is Sandworm (previously), a true-life technothriller that tells the stories of the cybersecurity experts who analyzed and attributed as series of ghastly cyberwar attacks that brought down parts of the Ukrainian power grid, and then escaped the attackers' control and spread all over the world. Read the rest

Wired has published another long excerpt from Sandworm, reporter Andy Greenberg's (previously) forthcoming book on the advanced Russian hacking team who took the US-Israeli Stuxnet program to the next level, attacking Ukrainian power infrastructure, literally blowing up key components of the country's power grid by attacking the embedded code in their microcontrollers. Read the rest

A little over a year ago, Bloomberg stunned the world with a report that claimed that Chinese intelligence services had figured out how to put undetectable, rice-grain-sized hardware implants into servers headed for the biggest US cloud and enterprise IT firms, and that when some of the victims discovered this fact, they quietly ripped out whole data-centers and replaced all their servers. Read the rest

Machine learning systems are pretty good at finding hidden correlations in data and using them to infer potentially compromising information about the people who generate that data: for example, researchers fed an ML system a bunch of Google Play reviews by reviewers whose locations were explicitly given in their Google Plus reviews; based on this, the model was able to predict the locations of other Google Play reviewers with about 44% accuracy. Read the rest

Andy Greenberg (previously) is Wired's senior security reporter; he did amazing work covering Russian cyberwarfare in Ukraine, which he has expanded into a forthcoming book: Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers (I read it for a blurb and a review; it's excellent). Read the rest

Spectre and Meltdown are a pair of chip-level security bugs that exploit something called "speculative execution," through which chips boost performance by making shrewd guesses about which computer operations are performed together. Read the rest

Eva Galperin is one of my colleagues at the Electronic Frontier Foundation, running our Threat Lab project, where she has made it her personal mission to eradicate stalkerware: malicious software marketed to abusive spouses, overbearing parents, and creepy employers, which runs hidden on mobile devices and allows its owner to spy on everything his target is doing ("Full access to someone’s phone is essentially full access to someone’s mind" -Eva). Read the rest

Andy Greenberg (previously) is a veteran Wired security reporter who has chronicled the frightening and chaotic world of cyberwar since its earliest days; in a forthcoming book called "Sandworm," Greenberg tells the fascinating and terrible tale of Notpetya (previously), a Russian cyberweapon (built on leaked NSA cyberweapons!) that disguised itself as criminal ransomware, but which was designed to identify and destroy key Ukrainian computer systems and networks. Read the rest

The Vingcard Vision locks are RFID-based hotel locks; at this week's Infiltrate conference in Miami, Tomi Tuominen and Timo Hirvonen from F-Secure will present a method for combining a $300 Proxmark RFID tool with any discarded key from a given hotel to derive the master keys that allow them to unlock every room in the hotel, a process that takes less than 60 seconds. Read the rest

The U.S. Senate today confirmed President Donald Trump’s selection to lead the National Security Agency and U.S. Cyber Command. Paul Nakasone will replace Mike Rogers, who is retiring. Read the rest

It's been a year since someone hacked all 156 of Dallas's emergency tornado sirens, setting them off in the middle of the night, and the security picture for cities' emergency PA systems keeps getting uglier. Read the rest

In An Empirical Analysis of Traceability in the Monero Blockchain, a group of eminent computer scientists analyze a longstanding privacy defect in the Monero cryptocurrency, and reveal a new, subtle flaw, both of which can be used to potentially reveal the details of transactions and identify their parties. Read the rest

Computers that are isolated from the internet and local networks are said to be "airgapped," and it's considered a best practice for securing extremely sensitive systems. Read the rest

A common misconception is that bitcoin transactions are anonymous. The truth is, unless you are very careful about covering your tracks, your bitcoin transactions can be connected to you. And the transaction records on bitcoin's public database (the blockchain) can never be changed or deleted, meaning they will forever be searchable by authorities or anyone else. Andy Greenberg of Wired reports that researchers were able to "connect someone's bitcoin payment on a dark web site to that person's public account."

[T]he Qatari researchers first collected dozens of bitcoin addresses used for donations and dealmaking by websites protected by the anonymity software Tor, run by everyone from WikiLeaks to the now-defunct Silk Road. Then they scraped thousands of more widely visible bitcoin addresses from the public accounts of users on Twitter and the popular bitcoin forum Bitcoin Talk.

By merely searching for direct links between those two sets of addresses in the blockchain, they found more than 125 transactions made to those dark web sites' accounts — very likely with the intention of preserving the senders' anonymity — that they could easily link to public accounts. Among those, 46 were donations to WikiLeaks. More disturbingly, 22 were payments to the Silk Road. Though they don't reveal many personal details of those 22 individuals, the researchers say that some had publicly revealed their locations, ages, genders, email addresses, or even full names. (One user who fully identified himself was only a teenager at the time of the transactions.) And the 18 people whose Silk Road transactions were linked to Bitcoin Talk may be particularly vulnerable, since that forum has previously responded to subpoeanas demanding that it unmask a user's registration details or private messages.

Blockchain transactions are recorded forever and indelibly, and that means that all the Bitcoin transactions on early Tor hidden service marketplaces like Silk Road are on permanent, public display; because many people who made these transactions later went on to link those Bitcoin wallets with their real identities, those early deals are now permanently associated with their public, identifiable selves. Read the rest