SIM swap
Cybercrime Featured Government People Technology

SIM Swappers Stole $100 Million from ‘Well-Known Influencers’ Before Getting Arrested, Authorities Say

An international law enforcement operation arrested ten suspected hackers who are accused of targeting U.S. celebrities with SIM swapping attacks that netted them $100 million in cryptocurrency. “Well-known sports stars, musicians, and influencers” were targeted in the scheme, which involved exploiting phone service providers to deactivate a victim’s SIM and transferring the number to one owned by a member of the criminal network. This let the attackers intercept messages directed to the victims, allowing them to hijack accounts, steal money, and masquerade as the victims on social media, authorities said…

server racks
Cybercrime Featured Technology

Hackers Targeted Work-From-Home Technology and Avoided Adobe Products Last Year

In 2015, eight of the top ten most exploited vulnerabilities involved Adobe products. But in 2020, no Adobe products made the list, according to new data. Instead, cybercriminals focused their attention on vulnerabilities in remote-work technology, such as Citrix’s Application Delivery Controller, PulseSecure’s Pulse Connect, and Oracle’s WebLogic, as well as widely-used Microsoft products…

Ares Hacker
Cybercrime Featured People Technology

An Interview With Ares, a Russian Coder Who Built a Swiss Army Knife for Hackers

In 2012, a Russian hacker who went by the moniker Ares received a routine email asking about Intercepter-NG, a popular tool he developed that can be used for traffic interception. The user was having difficulty—the tool would crash when he tried using it to parse large amounts of data—and Ares was quick to reply. “Man, you patch quick!” the user wrote in response. According to Ares, the messages came from [email protected], the email address used by NSA contractor Edward Snowden. About a year after their first conversation, Snowden would be living as a fugitive, wanted by the U.S. government for revealing thousands of classified documents to journalists….

authentication, digital id
Cybercrime Featured Government Technology

Federal Officials: COVID-19 Fraud Highlights Need for a New Digital Identity System

“We’ve seen how billions of dollars in fraud involving COVID-19 relief programs have exposed weaknesses in current identity and payment systems. These forced us to take a really hard look at how identity is managed, verified, and authenticated,” said Michael Mosier, deputy director of the Treasury Department’s Financial Crimes Enforcement Network, also known as FinCEN. “To get payments right, we have to get identity right and we have to do it in a way that preserves privacy while ensuring security in the system.” Lawmakers and other officials called on the Biden administration to focus on creating a new digital identification system that would make it harder for cybercriminals to steal from financial institutions and individuals…

Cybercrime Featured Government Technology

Global Operation Takes Down Part of Emotet, ‘World’s Most Dangerous Malware’

It’s been called the “king of malware,” “one of the most prevalent ongoing threats,” and “the world’s most dangerous malware.” And now a global law enforcement operation says they’ve seized control of it. On Wednesday, Europol announced that a collaborative effort between authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada, and Ukraine disrupted the prolific malware operation by taking control of its infrastructure….

Featured Government Leadership Technology

‘Adopt the Adversarial Point of View:’ Cybersecurity Lessons From a National Intelligence Technology Leader

Amit Meltzer spent three decades working in Israel’s national security apparatus, including as chief technologist for Mossad, the country’s famed national intelligence agency. “The main reason I left was that my wife said: ‘Enough!’”

I caught up with Meltzer to talk about his time working in national intelligence and how it shaped his thinking on cybersecurity…

COVID-19 pandemic
Cybercrime Featured Nation-state Technology

3 Ways Hacks Exploiting the COVID-19 Crisis Have Evolved

Over the last year, the COVID-19 pandemic has been punctuated by a series of crises and developments: In February, the U.S. declared a public health emergency; In March, the economy contracted and unemployment skyrocketed; Relief packages were both passed and stalled in Congress throughout the year; And by December, vaccines were given emergency approval. With each of these events, hackers altered their techniques in an effort to capitalize on pandemic fears, according to a new report…

Featured Government Nation-state Technology

Researchers Find Links Between SolarWinds Campaign and Tools Used by Russian Hackers

Federal investigators still can’t say with certainty who was behind the recent hacking campaign that compromised countless government agencies and private companies. But cybersecurity researchers say they’ve found evidence linking tools used in the months-long espionage campaign to malware used by Russian cyber operators….

young hacker
Cybercrime Featured People Technology

The Year of the Teenage Hacker

The year 2020 was full of high-profile cyberattacks launched by criminal gangs and state-sponsored hackers. But dozens of headline-grabbing cybersecurity incidents and arrests this year involved teenagers—some of whom haven’t even graduated high school yet. As the coronavirus pandemic forced schools across the country to adopt distance learning programs and change the way they operate, some students—likely pent up at home with a lot of time and little to do that doesn’t involve a Wi-Fi connection—seem to have used it as an opportunity to hone their hacking skills…

Featured Government Technology

‘More of an Art Than a Science:’ Behind the Government’s Effort To Measure Cybersecurity

A dirty little secret of cybersecurity is that no one really knows how to measure it. To start filling that void, the U.S. government standards agency, the National Institute of Standards and Technology, is leading a big push to catalogue existing measurement systems and research new ones. NIST asked in September for public comments about how organizations measure their cybersecurity performance….