Mandiant researchers published findings this week about a newly revealed Chinese espionage operation that used Sogu malware to spy on the African operations of both European and US organizations. The campaign is significant for the scope of its victims, but also because attackers used a classic malware distribution method: thumb …
Read More »
For much of the cybersecurity industry, malware spread via USB drives represents the quaint hacker threat of the past decade—or the one before that. But a group of China-backed spies appears to have figured out that global organizations with staff in developing countries still keep one foot in the technological …
Read More »
Microsoft said in June that a China-backed hacking group had stolen a cryptographic key from the company's systems. This key allowed the attackers to access cloud-based Outlook email systems for 25 organizations, including multiple US government agencies. At the time of the disclosure, however, Microsoft did not explain how the …
Read More »
For state-sponsored hacking operations, unpatched vulnerabilities are valuable ammunition. Intelligence agencies and militaries seize on hackable bugs when they're revealed—exploiting them to carry out their campaigns of espionage or cyberwar—or spend millions to dig up new ones or to buy them in secret from the hacker gray market. But for …
Read More »
It's easy to trick the large language models powering chatbots like OpenAI's ChatGPT and Google's Bard. In one experiment in February, security researchers forced Microsoft’s Bing chatbot to behave like a scammer. Hidden instructions on a web page the researchers created told the chatbot to ask the person using it …
Read More »
Every software supply chain attack, in which hackers corrupt a legitimate application to push out their malware to hundreds or potentially thousands of victims, represents a disturbing new outbreak of a cybersecurity scourge. But when that supply chain attack is pulled off by a mysterious group of hackers, abusing a …
Read More »
It’s been a busy week here on the WIRED Security desk, thanks to the annual Black Hat and Defcon security conferences in Las Vegas, where hackers and researchers reveal their latest findings. Things kicked off with a doozy. A researcher believes he’s found evidence that a series of spikes in …
Read More »
Password managers are the vegetables of the internet. We know they’re good for us, but most of us are happier snacking on the password equivalent of junk food. For nearly a decade, that’s been “123456” and “password”—the two most commonly used passwords on the web. The problem is, most of …
Read More »