One of the most chilling aspects of Russia’s recent hacking spree—which breached numerous United States government agencies among other targets—was the successful use of a “supply chain attack” to gain tens of thousands of potential targets from a single compromise at the IT services firm SolarWinds. But this wasn’t the only striking feature of the […]
Google researchers have detailed a sophisticated hacking operation that exploited vulnerabilities in Chrome and Windows to install malware on Android and Windows devices. Some of the exploits were zero-days, meaning they targeted vulnerabilities that at the time were unknown to Google, Microsoft, and most outside researchers. (Both companies have since patched the security flaws.) The […]
Ever since the December revelation that hackers breached the IT-management software firm SolarWinds, along with an untold number of its customers, Russia has been the prime suspect. But even as US officials have pinned the attack on the Kremlin with varying degrees of certainty, no technical evidence has been published to support those findings. Now […]
Ticketmaster has agreed to pay a $10 million criminal fine after admitting its employees repeatedly used stolen passwords and other means to hack a rival ticket sales company. The fine, which is part of a deferred prosecution agreement Ticketmaster entered with federal prosecutors, resolves criminal charges filed last week in federal court in the Eastern […]
For many of us, 2020 has been a very dangerous year. Alongside the usual headline grabbers like wars, violent crime, and terrorism, we also faced more insidious, creeping threats: a pandemic that has claimed more than 300,000 American lives, and the lives of 1.5 million people worldwide, thanks in part to waves of viral lies […]
At the end of September, an emergency room technician in the United States gave WIRED a real-time account of what it was like inside their hospital as a ransomware attack raged. With their digital systems locked down by hackers, health care workers were forced onto backup paper systems. They were already straining to manage patients […]
Attackers had full access—a nightmare security scenario that would be any nation-state hacker’s dream. Instead, the assault was simply part of a bitcoin scam that ended up netting about $120,000. In all, the scammers targeted 130 accounts and took control of 45. In a mad scramble to contain the situation, Twitter temporarily froze all verified […]
Researchers from IBM Trusteer say they’ve uncovered a massive fraud operation that used a network of mobile device emulators to drain millions of dollars from online bank accounts in a matter of days. The scale of the operation was unlike anything the researchers have seen before. In one case, crooks used about 20 emulators to […]
This means there are really three subgroups within the potential victims of these attacks: Orion users who installed the backdoor but were never otherwise exploited; victims who had some malicious activity on their networks, but who ultimately weren’t appealing targets for attackers; and victims who were actually deeply compromised because they held valuable data. “If […]
This week, several major United States government agencies—including the Departments of Homeland Security, Commerce, Treasury, and State—discovered that their digital systems had been breached by Russian hackers in a months-long espionage operation. The breadth and depth of the attacks will take months, if not longer, to fully understand. But it’s already clear that they represent […]