Enlarge (credit: Getty Images | 3DSculptor) Independent researchers and the United States military have become increasingly focused on orbiting satellites' potential security vulnerabilities in recent years. These devices, which are built primarily with durability, reliability, and longevity in mind, were largely never intended to be ultra-secure. But at the ShmooCon …

North Korean hackers have been exploiting a zero-day in Chrome. The flaw, tracked as CVE-2022-0609, was exploited by two separate North Korean hacking groups. Both groups deployed the same exploit kit on websites that either belonged to legitimate organizations and were hacked or were set up for the express …

Enlarge / Critical infrastructure sites such as this oil refinery in Port Arthur, Texas, rely on safety systems. (credit: IIP Photo Archive ) For years, the hackers behind the malware known as Triton or Trisis have stood out as a uniquely dangerous threat to critical infrastructure: a group of digital intruders …

Enlarge (credit: bjdlzx | Getty Images) More than 22,000 miles above Earth, the KA-SAT is locked in orbit. Traveling at 7,000 miles per hour, in sync with the planet’s rotation, the satellite beams high-speed Internet down to people across Europe. Since 2011, it has helped homeowners, businesses …

Enlarge / US Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger speaking during a March 21 White House daily press briefing. (credit: Getty Images ) The Biden administration on Monday warned that it believes Russian state hackers may step up a cyber offensive that targets US organizations, particularly …

Experts recommend password managers for convenience and enhanced online safety, yet few of us use them In a competitive field, passwords are one of the worst things about the internet. Long and complex passwords are more secure but difficult to remember, leaving many people using weak and easy-to-guess credentials …

Enlarge (credit: Wired | Getty Images) For years, Russia’s cybercrime groups have acted with relative impunity. The Kremlin and local law enforcement have largely turned a blind eye to disruptive ransomware attacks as long as they didn’t target Russian companies. Despite direct pressure on Vladimir Putin to tackle …

This will be law soon: Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. [...] The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected …

From an army of volunteers to EU and Nato teams, the variety of online actors working for the cause is unprecedented As the conflict in Ukraine escalates, expert cyber-watchers have been speculating about the kind of cyber-attacks that Russia might conduct. Will the Kremlin turn off Ukraine’s power …

An Alexa can respond to voice commands it issues. This can be exploited : The attack works by using the device’s speaker to issue voice commands. As long as the speech contains the device wake word (usually “Alexa” or “Echo”) followed by a permissible command, the Echo will carry …

Enlarge (credit: Elena Lacey | Getty Images) On Thursday, hackers defaced a Russian Space Research Institute website and leaked files that they allege are stolen from Roscosmos, the Russian space agency. Their message ? “Leave Ukraine alone else Anonymous will f*ck you up even more.” Meanwhile a DDoS attack pummeled …

Pangu Lab in China just published a report of a hacking operation by the Equation Group (aka the NSA). It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers (aka some Russian group)....the scope of victims exceeded …

UK government and banks on alert for new form of electronic attack said to have infected hundreds of machines Russia-Ukraine crisis: live news Cyber experts have identified a new strain of computer-disabling malware unleashed on Ukrainian targets as part of Russia’s offensive, as the UK government and banks …

Police have been accused of spying on at least 26 individuals who are not criminal suspects An inquiry into allegations that Israel’s police force systematically hacked into the mobile phones of Israeli citizens has found that while the police did use NSO Group’s controversial Pegasus malware, there …

Enlarge (credit: Getty Images) Millions of WordPress sites have received a forced update over the past day to fix a critical vulnerability in a plugin called UpdraftPlus. The mandatory patch came at the request of UpdraftPlus developers because of the severity of the vulnerability, which allows untrusted subscribers, customers …

A detailed report of the 2021 ransomware attack against Ireland’s Health Services Executive lists some really bad security practices : The report notes that: The HSE did not have a Chief Information Security Officer (CISO) or a “single responsible owner for cybersecurity at either senior executive or management level …

Britain, the US and Australia point to growth in ‘sophisticated, high-impact ransomware incidents’ There have been further increases in “sophisticated, high-impact ransomware incidents” coming from Russia and other former Soviet states during 2021, Britain, the US and Australia said in a joint review of cyber-extortion trends. Universities and schools …

With KP Snacks the latest cyber-attack victim, firms must learn to defend themselves against a mounting menace The January snow lay thick on the Moscow ground, as masked officers of the FSB – Russia’s fearsome security agency – prepared to smash down the doors at one of 25 addresses they …

Enlarge (credit: Aurich Lawson | Getty Images) This is a story about how a simple software bug allowed the fourth-biggest cryptocurrency theft ever. Hackers stole more than $323 million in cryptocurrency by exploiting a vulnerability in Wormhole, a Web-based service that allows inter-blockchain transactions. Wormhole lets people move digital coins …

Enlarge (credit: Getty Images ) The Red Cross on Wednesday pleaded with the threat actors behind a cyberattack that stole the personal data of about 515,000 people who used a program that works to reunite family members separated by conflict, disaster or migration. "While we don't know who is …

Here’s a fascinating report: “ Bounty Everything: Hackers and the Making of the Global Bug Marketplace.” From a summary :...researchers Ryan Ellis and Yuan Stevens provide a window into the working lives of hackers who participate in “bug bounty” programs­ — programs that hire hackers to discover and report bugs …

Enlarge The past year saw a breathtaking rise in the value of cryptocurrencies like Bitcoin and Ethereum, with Bitcoin gaining 60 percent in value in 2021 and Ethereum spiking 80 percent. So perhaps it's no surprise that the relentless North Korean hackers who feed off that booming crypto economy …

Enlarge The past year saw a breathtaking rise in the value of cryptocurrencies like Bitcoin and Ethereum, with Bitcoin gaining 60 percent in value in 2021 and Ethereum spiking 80 percent. So perhaps it's no surprise that the relentless North Korean hackers who feed off that booming crypto economy …

Enlarge / A Ukrainian Military Forces serviceman watches through a spyglass in a trench on the frontline with Russia-backed separatists near Avdiivka, southeastern Ukraine, on January 9, 2022. (credit: Anatolii Stepanov | Getty Images) Ukraine said it was the target of a “massive cyber attack” after about 70 government websites ceased …

Former senior officer says unsolved hack of MoD training school systems did not succeed but still had costs A cyber-attack on the UK’s Defence Academy caused “significant” damage, a retired high-ranking officer has revealed. Air Marshal Edward Stringer, who left the armed forces in August, told Sky News …