Search Results for “Wired”

May 9, 2020
Lily Hay Newman / Wired

Lily Hay Newman / Wired  
In-Person DEFCON and Black Hat Conferences Are Canceled This Year For Real, DEFCON Will Continue in ‘Safe Mode’ Virtual Format

After the infosec community joked for years that DEFCON, the preeminent hacker conference held every year in Las Vegas, would be canceled, this year, due to the coronavirus, the in-person version of DEFCON, along with the in-person version of its sister conference Black Hat, has been canceled for real. Both events will now shift to virtual mode.  The founder of both events, Jeff Moss, also known as the Dark Tangent, said in a forum post that the 28th Defcon would be known as “Safe Mode,” a play on what most operating systems use for their diagnostic and recovery mode. The conference organizing team will begin to coordinate talks, help facilitate subject-specific “villages” that are usually independent in-person events, and host events like remote capture-the-flag hacker challenges, remote Ham radio licensure exams, movie nights, and a Mystery Challenge.

Related: Dark Tangent, Reddit – cybersecurity,, ZDNet, Neowin, Slashdot

Tweets:@defcon @harrihursti @steve_tornio @runasand @tactifail @racheltobac @marcwrogers @find_evil @snubs @hacks4pancakes

Dark Tangent: DEF CON 28 has entered “Safe Mode with Networking” I have shut down the in person conference
Reddit-hacking: Black Hat and DEF CON security conferences to take place in a virtual format | ZDNet Black Hat and Def Con security conferences go virtual due to pandemic
ZDNet: Black Hat and DEF CON security conferences to take place in a virtual format
Neowin: DEF CON 2020 to take place online on Discord, Las Vegas conference cancelled
Slashdot: In-Person DEF CON 28 Event Is Canceled

@defcon: The @thedarktangent blog post on the #defconiscancelled situation is here: Please read and share. Thank you. #defconlovesyou #StaySafe
@harrihursti: In-person @DEFCON is officailly cancelled. The annual hoax announcement is not a hoax this time. @VotingVillageDC will organize a virtual event. Stay tuned!
@steve_tornio: Defcon and Black Hat may be cancelled, but MGM and Caesars staff will still be coming to your house unannounced to rifle through your things.
@runasand: Do I need a burner phone for virtual defcon or no
@tactifail: Interesting thing about @defcon 28. If you look at the ASCII table, you’ll notice that there is no octal value for 28 because 28 in octal doesn’t exist; it goes right from 027 to 030. 030 is the CAN character. For “canceled”. Coincidence? I think not.
@racheltobac: With the number of folks buying @defcon swag on eBay right now I’m just going to come right out and say that we should keep our heads on a swivel for an “eBay package delay” phish. It won’t be from me, but I bet we’ll see at least one in the community Robot faceSign of the hornsFishing pole and fish
@marcwrogers: DEF CON is officially cancelled. we will be putting on an online event instead. Details in the post. #DEFCON #DEFCONisCANCELLED
@find_evil: #DEFCON may be canceled IRL for the first time ever but the virtual event will still proceed — and I, for one, am looking forward to it ?
@snubs: YALL. DEF CON is actually, really cancelled. #defcon @defcon Everyone in charge made the right choice. Thank you @thedarktangent and all involved for considering our health and safety a priority. ??
@hacks4pancakes: What’s something good you hope comes out of @defcon Safe Mode? Positive thoughts and ideas only. Go!

June 13, 2020
Andy Greenberg / Wired

Andy Greenberg / Wired  
Researchers Develop ‘Lamphone’ Technique That Can Eavesdrop on a PC via Vibrations on Nearby Light Bulb’s Surface

Researchers from Israel’s Ben-Gurion University of the Negev and the Weizmann Institute of Science revealed a new technique for long-distance eavesdropping they call “lamphone” that can be deployed via any light bulb in a room that might be visible from a window. The method allows anyone with a laptop and less than a thousand dollars of equipment, just a telescope and a $400 electro-optical sensor, to listen in on any sounds in a room that’s hundreds of feet away in real-time, by merely observing the minuscule vibrations, those sounds create on the glass surface of a light bulb inside.

June 24, 2020
Lily Hay Newman / Wired

Lily Hay Newman / Wired  
Google Announces Series of Privacy-Focused Improvements Including Auto-Delete Features for Activity, Location Data Every 18 Months

Google announced a series of privacy-focused improvements under what Google CEO Sundar Pichai says are “three important principles” of privacy. Among the new features is an auto-delete feature for activity and location every 18 months for new accounts. YouTube history will delete every 36 months. Existing accounts, though, will still need to proactively turn on the feature, because Google doesn’t want to force a change on users who, for whatever reason, want the company to maintain a forever-record of their activity. As soon as existing users turn on this feature, the company will delete accumulated activity and location data that’s 18 months or older, and continue to do so going forward.  Google is also surfacing its existing Incognito Mode in its Search, Maps, and YouTube mobile apps. Finally, Google is promoting its Security Checkup feature, which helps walk users through their security and privacy settings.

Related: Bloomberg Technology, CNET,, The Guardian, VentureBeat, Associated Press Technology, 9to5Google, Android Central, Axios,, Tech Insider, Protocol, Silicon Republic, Tech Xplore The Verge, Google, iTnews – Security,BGR, Trusted Reviews, Android Police, Tech Xplore,, The Verge, The Economic Times, Axios, SecurityWeek, The Chosun Ilbo, Pocket-lint, xda-developers, SlashGear » security, Silicon Republic, Vox

Tweets:@sundarpichai @geoffreyfowler

Bloomberg Technology: Google Will Now Auto-Delete More User Data After 18 Months – Bloomberg Law
CNET: Google makes auto-deleting data the default for new accounts Google tweaks privacy settings to keep less user data
The Guardian: Google says it will no longer save a complete record of every search
VentureBeat: Google will auto-delete YouTube, search, and location history for some users by default
Associated Press Technology: Google tweaks privacy settings to keep less user data
9to5Google: Google making Incognito Mode a long press away across Android and iOS apps
Android Central : The Jumbo Privacy app adds new ways for Android users to protect their data
Axios: Google to limit how long it hangs on to some data Google Will Auto-Delete Data It Collects On You – But There’s A Catch
Tech Insider: Google is revamping its privacy policies and says it will now auto-delete search and location data by default for new users (GOOG)
Protocol: Google’s new magic number for storing personal data: 18 months
Silicon Republic: Sundar Pichai announces new Google privacy features
Tech Xplore: Google tweaks privacy settings to keep less user data
The Verge: Google will now auto-delete location and search history by default for new users
Google: Keeping your private information private
iTnews – Security: New Google default wipes users’ location, web history after 18 months
BGR: Google continues to slowly give users more control over their own data
Trusted Reviews: Google will delete activity data by default, but there’s a catch
Android Police: New Google accounts will have stronger default location and web privacy settings
Tech Xplore: Google tweaks privacy settings to keep less user data Google tweaks privacy settings to keep less user data
The Verge: Google will now auto-delete location and search history by default for new users
The Economic Times: Google tweaks privacy settings to keep less user data
Axios: Google to limit how long it hangs on to some data
SecurityWeek: Google Tweaks Privacy Settings to Keep Less User Data
The Chosun Ilbo: Google Tweaks Privacy Settings to Keep Less User Data
Pocket-lint: Google will automatically delete new users’ personal data after 18 months
xda-developers: Google will now automatically delete Web & App activity, Location history, and YouTube search history for new users
SlashGear » security: Google will now auto-delete your data – but don’t get complacent
Silicon Republic: Sundar Pichai announces new Google privacy features
Vox: How to make sure Google automatically deletes your data on a regular basis

@sundarpichai: Privacy is at the heart of everything we do, and we’ll keep challenging ourselves to do more with less. As a next step, today we’re changing our data retention practices to make auto-delete the default for our core activity settings.
@geoffreyfowler: Auto-deleting some of our data after 18 months is a good thing. But how about not collecting so much of in the first place, Google?

April 28, 2020
Andy Greenberg / Wired

Andy Greenberg / Wired  
PhantomLance Campaign Hid Data-Stealing Malware in Google Play Store to Target Users in Vietnam, Bangladesh, Indonesia and India, Vietnam’s APT32 Group Tied to the Campaign

In a hacking campaign called PhantomLance, nation-state spies hid data-stealing malware in the Google Play Store to target users in Vietnam, Bangladesh, Indonesia, and India, researchers at Kaspersky Lab report. PhantomLance’s hackers smuggled in the apps to infect only some hundreds of users, with the campaign likely sending links to the malicious apps to those targets via phishing emails. PhantomLace is tied to the hacker group OceanLotus, also known as APT32, widely believed to be working on behalf of the Vietnamese government, Kaspersky says. Google says it has taken actions against all the apps identified by the Kaspersky researchers.

Related: Business Wire Technology News, Dark Reading: Mobile, SecurityWeek, Reddit – cybersecurity, ZDNet Security,, Cyberscoop,


April 23, 2020
Lily Hay Newman / Wired

Lily Hay Newman / Wired  
More Than Twelve State-Sponsored Hacking Groups Use Coronavirus Phishing Emails to Lure Victims, Distribute Malware, Google

More than twelve state-sponsored hacking groups are using the coronavirus to craft phishing emails and attempt to distribute malware, Google’s Threat Analysis Group (TAG) reports. Google says its security systems have detected “examples ranging from fake solicitations for charities and NGOs to messages that try to mimic employer communications to employees working from home to websites posing as official government pages and public health agencies.” One notable campaign tried to target the personal accounts of U.S. government employees with phishing lures using American fast-food franchises and COVID-19 messaging, offering free coupons and suggesting the victims visit free food delivery sites. Google has also seen nation-states posing as health organizations as well as targeting health organizations directly.

Related: Mashable, Boing Boing, Google, iTnews – Security,,, Reuters: Business News, Engadget, The Hill, RAPPLER, SecurityWeek, Digital Journal

Tweets:@mrisher @ryanaraine

April 20, 2020
Lily Hay Newman / Wired

Lily Hay Newman / Wired  
Cloudflare Launches Site to Promote Awareness of Internet Providers’ Unstable BGP Practices

Because disruptions in internet data routing standard Border Gateway Protocol (BGP) have allowed significant amounts of web traffic to take unexpected detours through foreign infrastructure, Cloudflare has launched “Is BGP Safe Yet?,” a site that makes it easier for anyone to check whether their internet service provider has added the security protections and filters that can make BGP more stable. Cloudflare estimates that about half of the internet is better protected from these disruptions due to efforts from major companies such as AT&T, the Swedish telecom Telia, and the Japanese telecom NTT adopting BGP improvements. However, other major internet companies such as Comcast have failed to implement the necessary BGP protection, and Cloudflare seeks to raise awareness of these failings with its new site.

April 17, 2020
Andy Greenberg / Wired

Andy Greenberg / Wired  
Google and Apple Face as Host of Privacy-Related Questions Regarding Their Proposed COVID-19 Tracing Apps, As Well as Fears of Surveillance and False-Positive Emotional Turmoil

When announcing last week that they will jointly develop COVID-19 tracing apps, Apple and Google said that starting next month they’ll add new features to their mobile operating systems that make it possible for certain approved apps, run by government health agencies, to use Bluetooth radios to track physical proximity between phones. If someone later receives a positive COVID-19 diagnosis, they can report it through the app, and any users who have been in recent contact will receive a notification. The system will be entirely opt-in, with no location data and only positive coronavirus users reported. Security and privacy experts have nevertheless pointed to serious privacy flaws with the proposed tracing system, including the fundamental questions of whether users are signing up for a surveillance system or will subject themselves to a more intrusive ad delivery system. On top of that is the emotional turmoil any false-positive tests may cause individuals.

Related: The Daily Swig, IT World Canada, Popular Science, Axios, Computer Business Review, The Sun, Roll Call, TechTarget, Startups News | Tech News, The Daily Swig, iMore, Android Central , The Register – Security, Pocket-lint, Pocket-lint, WRAL Tech Wire, MacRumors, Fortune, Business Insider, VentureBeat, AppleInsider, The Hacker News, MacDailyNews

The Daily Swig: Coronavirus: UK contact-tracing app raises privacy concerns
IT World Canada: Federal privacy commissioner issues framework for COVID-19 measures
Popular Science: Can smartphone apps track COVID-19 without violating your privacy?
Axios: Bluetooth-based coronavirus contact tracing finds broad support in tech and government
Computer Business Review: Europe Publishes Contact-Tracing App Guidelines
The Sun: Government’s London-centric coronavirus plan to ditch contract tracing, blasted by expert
Roll Call: ACLU cautiously approves COVID-19 tracking apps
TechTarget: EU warns no compromise on privacy as NHS clashes with tech firms on contact tracing
Startups News | Tech News: IoT tech startup Nodle launches Coalition, a free, privacy-first contact tracing app to help stop the spread of coronavirus (COVID-19)
The Daily Swig: Coronavirus contact-tracing apps are worse than useless – Schneier
iMore: UK’s NHS clashes with Google and Apple over contact tracing
Android Central : UK’s NHS clashes with Google and Apple over contact tracing
The Register – Security: Europe publishes draft rules for coronavirus contact-tracing app development, on a relaxed schedule
Pocket-lint: The EU has published draft rules for how contact tracing apps should work
Pocket-lint: How the NHSX coronavirus contact-tracing app will work
WRAL Tech Wire: Will contact tracing via apps help fight pandemic at risk of personal privacy?
MacRumors: Apple and Google in ‘Standoff’ With UK Health Service Over COVID-19 Contact Tracing App
Fortune: Researchers working on ‘contact tracing’ say they welcome Apple and Google’s help
Business Insider: The UK scrambles to launch its COVID-19 contact-tracing app, after getting derailed by Apple and Google
VentureBeat: ProBeat: Apple and Google’s contact detection API will fail, but they should build it anyway
AppleInsider: Security experts have concerns about Apple and Google contact tracing
The Hacker News: Google and Apple Plan to Turn Phones into COVID-19 Contact-Tracking Devices
MacDailyNews: ACLU has concerns with Apple-Google’s COVID-19 contact-tracing plan

April 11, 2020

Is Winnti Group running front companies to hide its malware?

Winnti Group has appeared time and time again in recent months, but a new report released this week shows that the group may be getting sloppy. Greg Otto and Shannon Vavra break down what malware the group is using, how they may be tied to a company known as “World Wired Labs,” and what it tells us about the Chinese cybercrime underground.

April 9, 2020
Andy Greenberg / Wired

Andy Greenberg / Wired  
Three Academic Teams Are Racing to Develop COVID-19 Contact Tracing Apps That Flatten the Curve on Government Snooping and Virus Infections At the Same Time

Teams of researchers are racing to develop COVID-19 contact tracing apps that notify potentially exposed users without handing over location data to the government, even going so far to focus on developing systems that keep infected users’ identity private while still notifying those who have come in contact with those users. The groups that are attempting to “flatten the curve” on authoritarianism, as well as the number of infections, include COVID Watch, led by Stanford computer scientist Cristina White, an MIT project called Private Kit: Safe Paths, and a project proposed to the Canadian government by a group of computer scientists from the University of Pennsylvania, the University of Toronto, and McGill University. The three teams are all collaborating with each other to some degree.

June 16, 2020
Lily Hay Newman / Wired

Lily Hay Newman / Wired  
Publicly Accessible AWS Buckets Exposed 845 Gigabytes, 2.5 Million Records on Dating Apps’ Users

Security researchers Noam Rotem and Ran Locar of vpnMentor discovered a collection of publicly accessible Amazon Web Services “buckets,” each of which contained a trove of data from a different specialized dating app, including 3somes, Cougary, Gay Daddy Bear, Xpal, BBW Dating, Casualx, SugarD, Herpes Dating, and GHunt. The researchers found a total of 845 gigabytes and close to 2.5 million records, likely representing data from hundreds of thousands of users. The information was particularly sensitive and included sexually explicit photos and audio recordings.