Chinese spies got a hold of NSA hacking tools, and “repurposed them in 2016 to attack American allies and private companies in Europe and Asia,” reports the NYT. How'd they get those cyberweapons? Symantec researchers “believe the Chinese did not steal the code but captured it from an N.S.A. attack on their own computers — like a gunslinger who grabs an enemy’s rifle and starts blasting away.” Read the rest
Security services firm FireEye says two hacker groups known to be sponsored by the Russian government of Vladimir Putin are waging cyber-attacks currently against European government systems. Read the rest
Investigative tech journalist Joseph Menn's (previously) next book is a history of the Cult of the Dead Cow (previously) the legendary hacker/prankster group that is considered to be "America's oldest hacking group."
Read the rest
Go get a developer account and send us a formal bug report, Apple reportedly told them.
The Department of Homeland Security on Tuesday issued an “emergency” security alert urging federal civilian agencies to secure login credentials for their respective internet domain records. Read the rest
The Marriott hotel chain today said that a smaller number of customers were affected by a recent hack than initially estimated, but admitted that the hackers got customer passport numbers. Read the rest
Hackers have published a big dump of private data related to German Chancellor Angela Merkel and hundreds of other of the country's politicians, in what is said to be the biggest data dump of its kind ever in Germany. Read the rest
2018 has been a dangerous year for those who bring us the news: according to the Committee to Protect Journalists, 129 journalists were killed this year. For the first time in history, the United States has been listed as one of the most dangerous countries in the world for journalists to ply their trade. The President of the United States has been calling the media industry an "enemy of the people" for the past two years. Many of his acolytes have bought into his bullshit: news rooms have come under assault by gunmen. Bomb threats against TV stations have been made on a number of occasions. Nicaragua's government has hamstrung the nation's independent press. Jamal Khashoggi of The Washington Post was strangled and sawed to pieces by Saudi operatives. President Trump pretty much shrugged his shoulders and got on with his life. The hate and distrust showered on those working to cast light on the dark secrets that our governments would rather not be known are a budding fascist's wet dream.
And now, many of the nation's newspapers of record have suffered a cyberattack.
From The Los Angeles Times:
Read the rest
A cyberattack that appears to have originated from outside the United States caused major printing and delivery disruptions at several newspapers across the country on Saturday including the Los Angeles Times, according to a source with knowledge of the situation.
The attack led to distribution delays in the Saturday edition of The Times, the San Diego Union-Tribune, the Chicago Tribune, Baltimore Sun and several other major newspapers that operate on a shared production platform.
That massive data breach that hit hotel group Marriott? Now there are clues the hackers behind it were working for a Chinese government intelligence gathering operation. Read the rest
Ecuador plans to stop intervening with the British government on behalf of WikiLeaks founder Julian Assange, reports Reuters today. Read the rest
An internet engineer at Equifax who coded parts of a breach portal for the credit agency has been sentenced to 8 months of house arrest for insider trading. He was convicted of using insider information about the Equifax breach to make more than $75,000. Read the rest
Well this is fun: The United States Government Accountability Office released a report today that explains, in no uncertain terms, that the majority of the nation's new-fangled, high-tech weapons systems are hilariously vulnerable to cyber attacks.
From the Washington Post:
The report by the Government Accountability Office concluded that many of the weapons, or the systems that control them, could be neutralized within hours. In many cases, the military teams developing or testing the systems were oblivious to the hacking.
A public version of the study, published on Tuesday, deleted all names and descriptions of which systems were attacked so the report could be published without tipping off American adversaries about the vulnerabilities. Congress is receiving the classified version of the report, which specifies which among the $1.6 trillion in weapons systems that the Pentagon is acquiring from defense contractors were affected.
The Government Accountability Office used a team of hackers to see what sort of shenanigans could be caused with a little bit of access and a whole lot of digital kung-fu. The results aren't a good look for America's military. In one instance, the red team that the GOA used was pitted against Pentagon personnel tasked with holding the line against cyberintrusions. The security checks that the Pentagon were easily bypassed, thanks to the use of easy-to-crack passwords and "insiders" who were familiar with the program acting as meatspace backdoors to what would normally be secure systems. It gets worse: hackers working for the GAO reported being able to watch, in real time, a system operator's every move. Read the rest
Facebook says an attack on its network left the personal information of some 50 million users—perhaps you?—exposed to hackers. Who were the hackers, and what did they want? Facebook doesn't know, or won't say. But the company has confirmed that execs Mark Zuckerberg and Sheryl Sanders were among the users affected.
“We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you,” Zuckerberg said about Facebook's Cambridge Analytica scandal earlier this year.
Well. You heard the man. Read the rest
“Hiding behind fake profiles, a group linked to Pyongyang solicited technology work to send hard currency back home.” Read the rest
Former Air Force language specialist and intelligence contractor Reality Winner has been sentenced to 63 months in prison. Read the rest
The Democratic National Committee called the FBI Tuesday, after discovering what the DNC says was the early phase of a sophisticated phishing attempt to hack its voter database. Read the rest
The FBI is investigating a cyberattack on the congressional campaign of David Min, a Democratic candidate in California. Read the rest