More than two months after the start of a ransomware debacle whose impact ranks among the worst in the history of cybersecurity, the medical firm Change Healthcare finally confirmed what cybercriminals, security researchers, and Bitcoin's blockchain had already made all too clear: that it did indeed pay a $22 million …
Read More »AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now
Looking for love? Be careful what you wish for. A loose-knit community of con artists known as Yahoo Boys has begun using real-time face-swap technology to woo victims with romance scams. Using a variety of tools and techniques, the scammers use AI-powered apps to make themselves look like entirely different …
Read More »Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities
Russia's military intelligence unit known as Sandworm has, for the past decade, served as the Kremlin’s most aggressive cyberattack force, triggering blackouts in Ukraine and releasing self-spreading, destructive code in incidents that remain some of the most disruptive hacking events in history. In recent months, however, one group of hackers …
Read More »Change Healthcare’s New Ransomware Nightmare Goes From Bad to Worse
Change Healthcare is facing a new cybersecurity nightmare after a ransomware group began selling what it claims is Americans’ sensitive medical and financial records stolen from the health care giant. “For most US individuals out there doubting us, we probably have your personal data,” the RansomHub gang said in an …
Read More »The US Government Has a Microsoft Problem
When Microsoft revealed in January that foreign government hackers had once again breached its systems, the news prompted another round of recriminations about the security posture of the world’s largest tech company. Despite the angst among policymakers, security experts, and competitors, Microsoft faced no consequences for its latest embarrassing failure. …
Read More »Roku Breach Hits 567,000 Users
After months of delays, the US House of Representatives voted on Friday to extend a controversial warrantless wiretap program for two years. Known as Section 702, the program authorizes the US government to collect the communications of foreigners overseas. But this collection also includes reams of communications from US citizens, …
Read More »Change Healthcare Faces Another Ransomware Threat—and It Looks Credible
For months, Change Healthcare has faced an immensely messy ransomware debacle that has left hundreds of pharmacies and medical practices across the United States unable to process claims. Now, thanks to an apparent dispute within the ransomware criminal ecosystem, it may have just become far messier still. In March, the …
Read More »Identity Thief Lived as a Different Man for 33 Years
It’s been a week since the world avoided a potentially catastrophic cyberattack. On March 29, Microsoft developer Andres Freund disclosed his discovery of a backdoor in XZ Utils, a compression tool widely used in Linux distributions and thus countless computer systems worldwide. The backdoor was inserted into the open source …
Read More »A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask
A little over two years have passed since the online vigilante who would call himself P4x fired the first shot in his own one-man cyberwar. Working alone in his coastal Florida home in late January of 2022, wearing slippers and pajama pants and periodically munching on Takis corn snacks, he …
Read More »The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
The scourge of software supply chain attacks—an increasingly common hacking technique that hides malicious code in a widely used legitimate program—can take many forms. Hackers can penetrate an update server to seed out their malware, or even break into the network where the software was developed to corrupt it at …
Read More »