Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
As the Biden administration nears its end, the White House issued a A 40-page executive order Thursday aims to strengthen federal cybersecurity protections and placing guardrails to the US government’s use of artificial intelligence. WIRED also spoke with the outgoing US Ambassador for Cyberspace and Digital Policy, Nathaniel Vick, on the need for the Trump administration not to submit to Russia and China In the global race for technical dominance. Outgoing FCC Chair Jessica Rosenworcel details for WIRED Threats facing US telecommunications companies, at least nine of which were recently hacked by hackers from Chinese company Salt Typhoon. Meanwhile, US officials are still scrambling to deal with multiple espionage campaigns and other data breaches, with new revelations this week about the AT&T hack that was revealed last summer. FBI hacked call and text logs that could reveal the identity of anonymous sources.
Huione Daman, the massive online marketplace that researchers say provides a range of services to online scammers, is expanding its offerings to include a range of… The messaging app, stablecoin and cryptocurrency exchange has facilitated massive transactions worth $24 billionaccording to new research. The new results indicate this GitHub’s efforts to eliminate the use of deep porn are insufficient. WIRED has taken a deep dive A murky world of predictive travel monitoring and data-pumping companies and governments International travelers have turned to artificial intelligence tools aimed at detecting people who might pose a “threat.”
But wait, there’s more! Every week we round up security and privacy news that we haven’t covered in depth ourselves. Click on the titles to read the full stories. And stay safe out there.
China is spies, the United States is spies, everyone is spies. Mutual espionage is a geopolitical game played by almost every country in the world. So, when the US government singles out a single hacker for espionage, names him, and targets him for sanctions, he must have spied aggressively—or effectively—enough to anger powerful people.
The US Treasury Department on Friday imposed sanctions on Yin Kecheng, a 39-year-old Chinese man accused of involvement in the hack of nine US telecom companies carried out by the Chinese hacker group known as Salt Typhoon, as well as another recent hack of a US telecommunications network. US Treasury. In a statement about the news, the Treasury Department claimed that Yin was affiliated with China’s Ministry of State Security and had been a “cyber actor” for more than a decade. It also imposed sanctions on Sichuan Juxinhe Network Technology, a company the Treasury says is also linked to Salt Typhoon.
The Salt Typhoon hack of US communications gave Chinese hackers massive access to Americans’ real-time text messages and phone calls, and was reportedly used to spy on President-elect Donald Trump and Vice President-elect J.D. Vance, among other targets. FBI Director Christopher Wray Named Communications breach “China’s most significant cyber espionage campaign in history.”
While the Treasury Department is responding to Chinese espionage, it is also still working to determine the scope of the breach carried out by some of these same hackers within its network. An internal Treasury Department report obtained by Bloomberg found that hackers breached at least 400 of the agency’s computers and stole more than 3,000 files in the latest breach. The report found that the espionage-focused hack appeared to have targeted sanctions and law enforcement information, as well as other intelligence materials. Despite this broad access, the hackers were unable to access Treasury emails or confidential parts of its network, the report states, nor did they leave behind malware that might indicate an attempt to maintain long-term access.
The Justice Department revealed this week that the FBI carried out an operation to delete a sample of malware known as PlugX from 4,200 computers around the world. The malware, which is typically transferred to computers via infected USB drives, has persisted for at least a decade and has sometimes been used by state-sponsored Chinese hacker groups to target Chinese dissidents. In July last year, cybersecurity firm Sekoia and French law enforcement authorities seized control of the command and control server behind the malware. This week, the FBI obtained a court order allowing the bureau to send a self-destruct command for software on infected devices.
Following news earlier this week of a cyberattack in December that compromised US education technology platform PowerSchool, school districts targeted in the hack told TechCrunch on Thursday that the attackers had access to “all” student and teacher data stored in their accounts. PowerSchool is used by more than 60 million K-12 students in the United States. The hackers gained access to the information by stealing login credentials that granted them access to the company’s customer support portal. The attack has not yet been publicly linked to a specific port. PowerSchool has not yet revealed the exact number of schools affected nor whether all of its customers have been affected.
