KnowBe4, a US-based security vendor, revealed that it unwittingly hired a North Korean hacker who attempted to load malware into the company's network. KnowBe4 CEO and founder Stu Sjouwerman described the incident in a blog post this week, calling it a cautionary tale that was fortunately detected before causing any …
Read More »
A secretive network of around 3,000 “ghost” accounts on GitHub has quietly been manipulating pages on the code-hosting website to promote malware and phishing links, according to new research seen by WIRED. Since at least June last year, according to researchers at cybersecurity company Check Point, a cybercriminal they dubbed …
Read More »
As Russia has tested every form of attack on Ukraine's civilians over the past decade, both digital and physical, it's often used winter as one of its weapons—launching cyberattacks on electric utilities to trigger December blackouts and ruthlessly bombing heating infrastructure. Now it appears Russia-based hackers last January tried yet …
Read More »
The week was particularly chock-full of dramatic security news. On Friday, a flawed update to CrowdStrike’s Falcon platform caused massive global service outages and disruptions around the world. The issue, which only impacted Windows computers, crashed PCs and servers, disrupting air travel, hospitals, banks, universities, and more. Earlier in the …
Read More »
The security firm CrowdStrike inadvertently caused mayhem around the world on Friday after deploying a faulty software update to the company's Falcon monitoring platform that bricked Windows computers running the product. Fallout from the incident will take days to resolve, and the company is warning that, as system administrators and …
Read More »
To protect America’s vital infrastructure from hackers without relying on a moribund Congress, the Biden administration bet big on creative uses of existing laws. But the Supreme Court probably blew up that approach. President Joe Biden’s strategy relied on agencies interpreting the laws that give them regulatory powers to include …
Read More »
A group calling itself “NullBulge” published a 1.1-TB trove of data late last week that it claims is a dump of Disney's internal Slack archive. The data allegedly includes every message and file from nearly 10,000 channels, including unreleased projects, code, images, login credentials, and links to internal websites and …
Read More »
US telecom giant AT&T, which disclosed Friday that hackers had stolen the call records for tens of millions of its customers, paid a member of the hacking team more than $300,000 to delete the data and provide a video demonstrating proof of deletion. The hacker, who is part of the …
Read More »
In one of the largest-ever breaches of a US telecom giant, AT&T revealed this week that “nearly all” its customer phone and text records were stolen after hackers accessed its account on a third-party cloud service. That cloud service, Snowflake, has been linked to several recent breaches, including those of …
Read More »
From targeted wiretaps to bulk surveillance dragnets, phone companies have been at the center of privacy concerns for decades—and their time in the limelight isn't over yet. On Friday, telecom giant AT&T announced that it recently suffered a data breach impacting call and text messaging records of “nearly all” its …
Read More »