Enlarge (credit: Aurich Lawson ) Android malware developers are stepping up their billing fraud game with apps that disable Wi-Fi connections, surreptitiously subscribe users to pricey wireless services, and intercept text messages, all in a bid to collect hefty fees from unsuspecting users, Microsoft said on Friday. This threat class …

Enlarge (credit: Getty Images) Researchers have identified stealthy new malware that threat actors have been using for the past 15 months to backdoor Microsoft Exchange servers after they have been hacked. Dubbed SessionManager, the malicious software poses as a legitimate module for Internet Information Services (IIS), the web server …

Enlarge (credit: FT montage | Getty Images | Dreamstime ) Chinese university students have been lured to work at a secretive technology company that masked the true nature of their jobs: researching Western targets for spying and translating hacked documents as part of Beijing’s industrial-scale intelligence regime. The Financial Times has …

Enlarge (credit: Getty Images) In online crime forums, specialization is everything. Enter YTStealer, a new piece of malware that steals authentication credentials belonging to YouTube content creators. “What sets YTStealer aside from other stealers sold on the Dark Web market is that it is solely focused on harvesting credentials …

Enlarge (credit: Getty Images) An unusually advanced hacking group has spent almost two years infecting a wide range of routers in North America and Europe with malware that takes full control of connected devices running Windows, macOS, and Linux, researchers reported on Tuesday. So far, researchers from Lumen Technologies' …

Enlarge (credit: Getty Images / iStock ) Researchers have unearthed a discovery that doesn’t occur all that often in the realm of malware: a mature, never-before-seen Linux backdoor that uses novel evasion techniques to conceal its presence on infected servers, in some cases even with a forensic investigation. On Thursday …

Enlarge (credit: Getty Images) Last year, Tesla issued an update that made its vehicles easier to start after being unlocked with their NFC key cards. Now, a researcher has shown how the feature can be exploited to steal cars. For years, drivers who used their Tesla NFC key card …

Redefining privacy at Ars Frontiers. Click here for transcript. (video link) At the Ars Frontiers event in Washington, DC, I had the privilege of moderating two panels on two closely linked topics: digital privacy and information security. Despite significant attempts to improve things, conflicting priorities and inadequate policy have …

Enlarge (credit: Classen et al.) When you turn off an iPhone, it doesn’t fully power down. Chips inside the device continue to run in a low-power mode that makes it possible to locate lost or stolen devices using the Find My feature or use credit cards and car …

Enlarge (credit: Getty Images) For years, Dmitriy Sergeyevich Badin sat atop the FBI’s most-wanted list. The Russian government-backed hacker has been suspected of cyberattacks on Germany’s Bundestag and the 2016 Olympics, held in Rio de Janeiro. A few weeks into Russia’s invasion of Ukraine, his own …

Enlarge / VPNfilter had a total of nine modular tools discovered thus far by researchers, potentially turning thousands of routers into a versatile attack platform. Previously unknown “ zero-day ” software vulnerabilities are mysterious and intriguing as a concept. But they're even more noteworthy when hackers are spotted actively exploiting the novel …

Enlarge (credit: Getty Images) Last year, Apple enacted App Tracking Transparency, a mandatory policy that forbids app makers from tracking user activity across other apps without first receiving those users’ explicit permission. Privacy advocates praised the initiative, and Facebook warned it would spell certain doom for companies that rely …

Enlarge (credit: cravetiger | Getty Images) Malware designed to target industrial control systems like power grids, factories, water utilities, and oil refineries represents a rare species of digital badness. So when the United States government warns of a piece of code built to target not just one of those industries …

Enlarge (credit: Getty Images | Sundry Photography) More than half a decade has passed since the notorious Russian hackers known as Sandworm targeted an electrical transmission station north of Kyiv a week before Christmas in 2016, using a unique, automated piece of code to interact directly with the station's circuit …

Enlarge (credit: Getty Images | 3DSculptor) Independent researchers and the United States military have become increasingly focused on orbiting satellites' potential security vulnerabilities in recent years. These devices, which are built primarily with durability, reliability, and longevity in mind, were largely never intended to be ultra-secure. But at the ShmooCon …

Enlarge (credit: Kirill Kudryavtsev | Getty Images) Russia’s biggest Internet company has embedded code into apps found on mobile devices that allows information about millions of users to be sent to servers located in its home country. The revelation relates to software created by Yandex that permits developers to …

Enlarge / Critical infrastructure sites such as this oil refinery in Port Arthur, Texas, rely on safety systems. (credit: IIP Photo Archive ) For years, the hackers behind the malware known as Triton or Trisis have stood out as a uniquely dangerous threat to critical infrastructure: a group of digital intruders …

Enlarge (credit: bjdlzx | Getty Images) More than 22,000 miles above Earth, the KA-SAT is locked in orbit. Traveling at 7,000 miles per hour, in sync with the planet’s rotation, the satellite beams high-speed Internet down to people across Europe. Since 2011, it has helped homeowners, businesses …

Enlarge / US Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger speaking during a March 21 White House daily press briefing. (credit: Getty Images ) The Biden administration on Monday warned that it believes Russian state hackers may step up a cyber offensive that targets US organizations, particularly …

Enlarge (credit: Elena Lacey) After years of tantalizing hints that a passwordless future is just around the corner, you're probably still not feeling any closer to that digital unshackling. Ten years into working on the issue, though, the FIDO Alliance, an industry association that specifically works on secure authentication …

Enlarge (credit: Wired | Getty Images) For years, Russia’s cybercrime groups have acted with relative impunity. The Kremlin and local law enforcement have largely turned a blind eye to disruptive ransomware attacks as long as they didn’t target Russian companies. Despite direct pressure on Vladimir Putin to tackle …

Enlarge (credit: Getty Images ) Scammers pushing iOS malware are stepping up their game by abusing two legitimate Apple features to bypass App Store vetting requirements and trick people into installing malicious apps. Apple has long required that apps pass a security review and be admitted to the App Store …

Enlarge (credit: Getty Images) Some websites just can't take "no" for an answer. Instead of respecting visitors' choice to block third-party cookies—the identifiers that track browsing activity as a user moves from site to site—they find sneaky ways to bypass those settings. Now, makers of the Brave …

Enlarge / A group of Amazon Echo smart speakers, including Echo Studio, Echo, and Echo Dot models. (Photo by Neil Godwin/Future Publishing via Getty Images) (credit: T3 Magazine/Getty Images) Academic researchers have devised a new working exploit that commandeers Amazon Echo smart speakers and forces them to unlock …

Enlarge (credit: Elena Lacey | Getty Images) On Thursday, hackers defaced a Russian Space Research Institute website and leaked files that they allege are stolen from Roscosmos, the Russian space agency. Their message ? “Leave Ukraine alone else Anonymous will f*ck you up even more.” Meanwhile a DDoS attack pummeled …