It's a rule of thumb in cybersecurity that the more sensitive your system, the less you want it to touch the internet. But as the US hunkers down to limit the spread of Covid-19, cybersecurity measures present a difficult technical challenge to working remotely for employees at critical infrastructure, intelligence agencies, and anywhere else with high-security networks. In some cases, working from home isn't an option at all.Companies with especially sensitive data or operations often limit remote connections, segment networks to limit a hacker's access if they do get in, and sometimes...…It's a rule of thumb in cybersecurity that the more sensitive your system, the less you want it to touch the internet. But as the US hunkers down to limit the spread of Covid-19, cybersecurity measures present a difficult technical challenge to working remotely for employees at critical infrastructure, intelligence agencies, and anywhere else with high-security networks. In some cases, working from home isn't an option at all.Companies with especially sensitive data or operations often limit remote connections, segment networks to limit a hacker's access if they do get in, and sometimes...WW…

Last month, the cryptographer and coder known as Moxie Marlinspike was getting settled on an airplane when his seatmate, a midwestern-looking man in his 60s, asked for help. He couldn't figure out how to enable airplane mode on his aging Android phone. But when Marlinspike saw the screen, he wondered for a moment if he was being trolled: Among just a handful of apps installed on the phone was Signal.Marlinspike launched Signal, widely considered the world's most secure end-to-end encrypted messaging app, , and today heads the nonprofit Signal Foundation that maintains it. But the man on the...…Last month, the cryptographer and coder known as Moxie Marlinspike was getting settled on an airplane when his seatmate, a midwestern-looking man in his 60s, asked for help. He couldn't figure out how to enable airplane mode on his aging Android phone. But when Marlinspike saw the screen, he wondered for a moment if he was being trolled: Among just a handful of apps installed on the phone was Signal.Marlinspike launched Signal, widely considered the world's most secure end-to-end encrypted messaging app, , and today heads the nonprofit Signal Foundation that maintains it. But the man on the...WW…

Taiwan has faced existential conflict with China for its entire existence and has been targeted by China's state-sponsored hackers for years. But an investigation by one Taiwanese security firm has revealed just how deeply a single group of Chinese hackers was able to penetrate an industry at the core of the Taiwanese economy, pillaging practically its entire semiconductor industry.At the Black Hat security conference today, researchers from the Taiwanese cybersecurity firm CyCraft plan to present new details of a hacking campaign that compromised at least seven Taiwanese chip firms over...…Taiwan has faced existential conflict with China for its entire existence and has been targeted by China's state-sponsored hackers for years. But an investigation by one Taiwanese security firm has revealed just how deeply a single group of Chinese hackers was able to penetrate an industry at the core of the Taiwanese economy, pillaging practically its entire semiconductor industry.At the Black Hat security conference today, researchers from the Taiwanese cybersecurity firm CyCraft plan to present new details of a hacking campaign that compromised at least seven Taiwanese chip firms over...WW…

mysteries and injustices of the McDonald’s ice cream machine, the one that Jeremy O’Sullivan insists you understand first is its secret passcode.Press the cone icon on the screen of the Taylor C602 digital ice cream machine, he explains, then tap the buttons that show a snowflake and a milkshake to set the digits on the screen to 5, then 2, then 3, then 1. After that precise series of no fewer than 16 button presses, a menu magically unlocks. Only with this cheat code can you access the machine’s vital signs: everything from the viscosity setting for its milk and sugar ingredients to the...…mysteries and injustices of the McDonald’s ice cream machine, the one that Jeremy O’Sullivan insists you understand first is its secret passcode.Press the cone icon on the screen of the Taylor C602 digital ice cream machine, he explains, then tap the buttons that show a snowflake and a milkshake to set the digits on the screen to 5, then 2, then 3, then 1. After that precise series of no fewer than 16 button presses, a menu magically unlocks. Only with this cheat code can you access the machine’s vital signs: everything from the viscosity setting for its milk and sugar ingredients to the...WW…

hack-and-leak operations and disinformation campaigns that roiled the 2016 US election, the country braced for a second round of no-holds-barred foreign interference last year. But US intelligence agencies have now confirmed that didn't entirely come to pass. The 2020 election was hit with meddling, trolling, and disinformation operations like those of 2016—but not the outright efforts to hack election infrastructure or political campaigns themselves.On Tuesday, the Office of the Director of National Intelligence released a that outlines findings from US intelligence agencies including the...…hack-and-leak operations and disinformation campaigns that roiled the 2016 US election, the country braced for a second round of no-holds-barred foreign interference last year. But US intelligence agencies have now confirmed that didn't entirely come to pass. The 2020 election was hit with meddling, trolling, and disinformation operations like those of 2016—but not the outright efforts to hack election infrastructure or political campaigns themselves.On Tuesday, the Office of the Director of National Intelligence released a that outlines findings from US intelligence agencies including the...WW…

earlier this week that Chinese hackers were , the cybersecurity community warned that the zero-day vulnerabilities they were exploiting might have allowed them to hit countless organizations around the world. Now it's becoming clear just many email servers they hacked. By all appearances, the group known as Hafnium breached as many victims they could find across the global internet, leaving behind backdoors to return to later.Hafnium has now exploited zero-day vulnerabilities in Microsoft's Exchange servers' Outlook Web Access to indiscriminately compromise no fewer than tens of thousands...…earlier this week that Chinese hackers were , the cybersecurity community warned that the zero-day vulnerabilities they were exploiting might have allowed them to hit countless organizations around the world. Now it's becoming clear just many email servers they hacked. By all appearances, the group known as Hafnium breached as many victims they could find across the global internet, leaving behind backdoors to return to later.Hafnium has now exploited zero-day vulnerabilities in Microsoft's Exchange servers' Outlook Web Access to indiscriminately compromise no fewer than tens of thousands...WW…

Donald Trump and a slew of other far-right users , many of them became digital refugees, migrating to sites like Parler and Gab to find a home that wouldn't moderate their hate speech and disinformation. Days later, Parler was , knocking the site offline. Now Gab, which inherited some of Parler's displaced users, has been badly hacked too. An enormous trove of its contents has been stolen—including what appears to be passwords and private communications.On Sunday night the WikiLeaks-style group Distributed Denial of Secrets is revealing what it calls GabLeaks, a collection of more than 70...…Donald Trump and a slew of other far-right users , many of them became digital refugees, migrating to sites like Parler and Gab to find a home that wouldn't moderate their hate speech and disinformation. Days later, Parler was , knocking the site offline. Now Gab, which inherited some of Parler's displaced users, has been badly hacked too. An enormous trove of its contents has been stolen—including what appears to be passwords and private communications.On Sunday night the WikiLeaks-style group Distributed Denial of Secrets is revealing what it calls GabLeaks, a collection of more than 70...WW…

For all the nation-state hacker groups that the —and even —only the Russian military intelligence group known as Sandworm has been brazen enough to trigger actual blackouts, shutting the lights off in . Now one grid-focused security firm is warning that a group with ties to Sandworm’s uniquely dangerous hackers has also been actively targeting the US energy system for years.On Wednesday, industrial cybersecurity firm Dragos published its annual report on the state of industrial control systems security, which names four new foreign hacker groups focused on those critical infrastructure...…For all the nation-state hacker groups that the —and even —only the Russian military intelligence group known as Sandworm has been brazen enough to trigger actual blackouts, shutting the lights off in . Now one grid-focused security firm is warning that a group with ties to Sandworm’s uniquely dangerous hackers has also been actively targeting the US energy system for years.On Wednesday, industrial cybersecurity firm Dragos published its annual report on the state of industrial control systems security, which names four new foreign hacker groups focused on those critical infrastructure...WW…

View more years after a began wantonly onto the internet, the question that debacle raised—whether any intelligence agency can prevent its "zero-day" stockpile from —still haunts the security community. That wound has now been reopened, with evidence that Chinese hackers obtained and reused another NSA hacking tool years before the Shadow Brokers brought it to light.On Monday, the security firm Check Point revealed that it had discovered evidence that a Chinese group known as APT31, also known as Zirconium or Judgment Panda, had somehow gained access to and used a Windows-hacking tool known...…View more years after a began wantonly onto the internet, the question that debacle raised—whether any intelligence agency can prevent its "zero-day" stockpile from —still haunts the security community. That wound has now been reopened, with evidence that Chinese hackers obtained and reused another NSA hacking tool years before the Shadow Brokers brought it to light.On Monday, the security firm Check Point revealed that it had discovered evidence that a Chinese group known as APT31, also known as Zirconium or Judgment Panda, had somehow gained access to and used a Windows-hacking tool known...WW…

The list of sophisticated eavesdropping techniques has grown steadily over years: wiretaps, hacked phones, bugs in the wall—even . Now add another tool for audio spies: Any light bulb in a room that might be visible from a window.Researchers from Israeli's Ben-Gurion University of the Negev and the Weizmann Institute of Science today revealed a new technique for long-distance eavesdropping they call "." They say it allows anyone with a laptop and less than a thousand dollars of equipment—just a telescope and a $400 electro-optical sensor—to listen in on any sounds in a room that's hundreds...…The list of sophisticated eavesdropping techniques has grown steadily over years: wiretaps, hacked phones, bugs in the wall—even . Now add another tool for audio spies: Any light bulb in a room that might be visible from a window.Researchers from Israeli's Ben-Gurion University of the Negev and the Weizmann Institute of Science today revealed a new technique for long-distance eavesdropping they call "." They say it allows anyone with a laptop and less than a thousand dollars of equipment—just a telescope and a $400 electro-optical sensor—to listen in on any sounds in a room that's hundreds...WW…