Enlarge (credit: Bloomberg via Getty Images ) Twitter announced Friday that as of March 20, it will only allow its users to secure their accounts with SMS-based two-factor authentication if they pay for a Twitter Blue subscription. Two-factor authentication, or 2FA, requires users to log in with a username and …

Enlarge In 2009, the computer worm Stuxnet crippled hundreds of centrifuges inside Iran’s Natanz uranium enrichment plant by targeting the software running on the facility’s industrial computers, known as programmable logic controllers. The exploited PLCs were made by the automation giant Siemens and were all models from …

Enlarge (credit: Rosie Struve; Getty Images) After reports at the end of 2022 that hackers were selling data stolen from 400 million Twitter users, researchers now say that a widely circulated trove of email addresses linked to about 200 million users is likely a refined version of the larger …

Enlarge (credit: Marco Rosario Venturini Autieri/Getty Images) For decades, virtualization software has offered a way to vastly multiply computers’ efficiency, hosting entire collections of computers as “virtual machines” on just one physical machine. And for almost as long, security researchers have warned about the potential dark side of …

Enlarge (credit: Getty Images ) A number of course-altering US Supreme Court decisions last month—including the reversal of a constitutional right to abortion and the overturning of a century-old limit on certain firearms permits—have activists and average Americans around the country anticipating the fallout for rights and privacy …

Enlarge / VPNfilter had a total of nine modular tools discovered thus far by researchers, potentially turning thousands of routers into a versatile attack platform. Previously unknown “ zero-day ” software vulnerabilities are mysterious and intriguing as a concept. But they're even more noteworthy when hackers are spotted actively exploiting the novel …

Enlarge (credit: cravetiger | Getty Images) Malware designed to target industrial control systems like power grids, factories, water utilities, and oil refineries represents a rare species of digital badness. So when the United States government warns of a piece of code built to target not just one of those industries …

Enlarge (credit: Getty Images | Sundry Photography) More than half a decade has passed since the notorious Russian hackers known as Sandworm targeted an electrical transmission station north of Kyiv a week before Christmas in 2016, using a unique, automated piece of code to interact directly with the station's circuit …

Enlarge (credit: Getty Images | 3DSculptor) Independent researchers and the United States military have become increasingly focused on orbiting satellites' potential security vulnerabilities in recent years. These devices, which are built primarily with durability, reliability, and longevity in mind, were largely never intended to be ultra-secure. But at the ShmooCon …

Enlarge / Critical infrastructure sites such as this oil refinery in Port Arthur, Texas, rely on safety systems. (credit: IIP Photo Archive ) For years, the hackers behind the malware known as Triton or Trisis have stood out as a uniquely dangerous threat to critical infrastructure: a group of digital intruders …

Enlarge (credit: bjdlzx | Getty Images) More than 22,000 miles above Earth, the KA-SAT is locked in orbit. Traveling at 7,000 miles per hour, in sync with the planet’s rotation, the satellite beams high-speed Internet down to people across Europe. Since 2011, it has helped homeowners, businesses …

Enlarge (credit: Elena Lacey) After years of tantalizing hints that a passwordless future is just around the corner, you're probably still not feeling any closer to that digital unshackling. Ten years into working on the issue, though, the FIDO Alliance, an industry association that specifically works on secure authentication …

Enlarge (credit: Wired | Getty Images) For years, Russia’s cybercrime groups have acted with relative impunity. The Kremlin and local law enforcement have largely turned a blind eye to disruptive ransomware attacks as long as they didn’t target Russian companies. Despite direct pressure on Vladimir Putin to tackle …

Enlarge (credit: Elena Lacey | Getty Images) On Thursday, hackers defaced a Russian Space Research Institute website and leaked files that they allege are stolen from Roscosmos, the Russian space agency. Their message ? “Leave Ukraine alone else Anonymous will f*ck you up even more.” Meanwhile a DDoS attack pummeled …

Enlarge The past year saw a breathtaking rise in the value of cryptocurrencies like Bitcoin and Ethereum, with Bitcoin gaining 60 percent in value in 2021 and Ethereum spiking 80 percent. So perhaps it's no surprise that the relentless North Korean hackers who feed off that booming crypto economy …

Enlarge The past year saw a breathtaking rise in the value of cryptocurrencies like Bitcoin and Ethereum, with Bitcoin gaining 60 percent in value in 2021 and Ethereum spiking 80 percent. So perhaps it's no surprise that the relentless North Korean hackers who feed off that booming crypto economy …

Enlarge / Gabriel Weinberg, creator of DuckDuckGo. (credit: Washington Post | Getty Images) At the end of April, Apple’s introduction of App Tracking Transparency tools shook the advertising industry to its core. iPhone and iPad owners could now stop apps from tracking their behavior and using their data for personalized …

Enlarge (credit: Future Publishing | Getty Images) Since at least 2019, hackers have been hijacking high-profile YouTube channels. Sometimes they broadcast cryptocurrency scams, sometimes they simply auction off access to the account. Now, Google has detailed the technique that hackers-for-hire used to compromise thousands of YouTube creators in just the …

Enlarge / Never put a GriftHorse on your phone. (credit: John Lamparsky | Getty Images) Google has taken increasingly sophisticated steps to keep malicious apps out of Google Play. But a new round of takedowns involving about 200 apps and more than 10 million potential victims shows that this longtime problem …

Enlarge (credit: Jorg Greuel | Getty Images) More than a thousand web apps mistakenly exposed 38 million records on the open Internet, including data from a number of COVID-19 contact-tracing platforms, vaccination sign-ups, job application portals, and employee databases. The data included a range of sensitive information, from people’s …

Enlarge (credit: Andriy Onufriyenko | Getty Images) Companies of all kinds use machine learning to analyze people’s desires, dislikes, or faces. Some researchers are now asking a different question: How can we make machines forget? A nascent area of computer science dubbed machine unlearning seeks ways to induce selective …

Enlarge / Pretty Good Phone Privacy wants to minimize how much your wireless provider knows about your location. (credit: Noam Galai | Getty Images) Location data sharing from wireless carriers has been a major privacy issue in recent years. Marketers, salespeople, and even bounty hunters were able to pay shadowy third-party …

Enlarge (credit: Getty Images) Venmo, the popular mobile payment service, has redesigned its app. That's normally news you could safely ignore, but this announcement is worth a closer look. In addition to making some navigational tweaks and adding new purchase protections, the PayPal-owned platform is finally shutting down its …

Enlarge (credit: Chalongrat Chuvaree | Getty Images) For years, security researchers and cybercriminals have hacked ATMs by using all possible avenues to their innards, from opening a front panel and sticking a thumb drive into a USB port to drilling a hole that exposes internal wiring. Now, one researcher has …

Enlarge (credit: Sean Rayford | Getty Images) Nearly a week after a ransomware attack led Colonial Pipeline to halt fuel distribution on the East Coast, reports emerged on Friday that the company paid a 75 bitcoin ransom—worth as much as $5 million, depending on the time of payment—in …