Search Results for “Wired”


May 18, 2020
David Shortell, Evan Perez / CNN

FBI Claims to Have Broken the Encryption on Pensacola Shooter’s iPhones, Substantially Weakening the Government’s Push for Encryption Backdoors

Mohammed Alshamrani, a member of the Royal Saudi Air Force in training at Naval Air Station Pensacola who killed three U.S. sailors and wounded others at the base, was in touch with a suspected al Qaeda operative, according to the FBI, which broke through the encryption protecting the Saudi attacker’s iPhones, sources say. If the Bureau did achieve this encryption breakthrough, the case made by the FBI and Attorney General William Barr for demanding backdoors into encrypted communications services and devices appears to be substantially weakened. Law enforcement said they had initially been unable to retrieve data stored on two iPhones belonging to the shooter, and they cited that hurdle in trying to complete their investigation of the attacker’s ideology and his radicalization.

Related: New York Times, Wall Street Journal, Forbes, Justice Department, MacRumors, Associated Press, Task & Purpose, Capital Gazette, The Sun, Business Insider, AOL, GANNETT Syndication Service, Newsweek, Yahoo! News, Bloomberg, RT USA, The Crime Report, Axios, Cult of Mac, USATODAY, AppleInsider, NBC News, Wired, The Register – Security, Cyberscoop, CNET, News : NPR, iDownloadBlog.com, Fortune, WCCFtech, ZDNet Security, AppleInsider, iMore, Cult of Mac, Patently Apple, Business Insider, The Sun, BuzzFeed News, Newsweek, iDownloadBlog.com, Appleosophy, MacRumors, Homeland Security Today, Zero Hedge, CBSNews.com, TechSpot, iPhone Hacks, The Mac Observer, Cult of Mac, The Guardian, UPI.com, TIME, Ars Technica, USATODAY, New York Post, AppleInsider, The Huffington Post, Capital Gazette, TIME, Heavy.com, Engadget, Slashdot, Daily Dot, Cyberscoop, Multichannel, Vox, WCCFtech, POLITICO, The Sun, USNI News, Business Insider, Fortune, Input, TribLIVE, emptywheel, PhoneArena, Channel News Asia, RT USA, Algemeiner.com, MacDailyNews, Reuters: U.S., France 24, The New Daily, The Verge, Slashdot, Washington Post, New York Times

Tweets: @dnvolz @adamgoldmanNYT @kevincollier @nakashimae @zackwhittaker @zackwhittaker @zackwhittaker @iblametom @karaswisher @macrumors @zackwhittaker @iblametom @dotmudge @DevlinBarrett @ahmed

New York Times: F.B.I. Is Said to Find Links Between Pensacola Gunman and Al Qaeda
Wall Street Journal: FBI Discovers al Qaeda Link in Pensacola Attack
Forbes: Feds Hack iPhones In Pensacola Terrorist Shooting Case, But Still Slam Apple For Not Helping
Justice Department: Attorney General William P. Barr and FBI Director Christopher Wray Announce Significant Developments in the Investigation of the Naval Air Station Pensacola Shooting
MacRumors: FBI Reportedly Gained Access to iPhone Used by Mass Shooter in Florida After Apple Refused to Help
Associated Press: Pensacola gunman’s cellphones reveal meticulous planning for attack, FBI says
Task & Purpose: The FBI has evidence linking Al Qaeda to the NAS Pensacola shooting
Capital Gazette: Gunman accused of killing 3 sailors at Pensacola military base linked to al-Qaida, US official says
The Sun: Saudi student who shot dead 3 US sailors on Florida Naval Base ‘had been in contact with Al Qaeda’ in days before attack
Business Insider: The FBI found links to Al Qaeda after cracking the phones of the Saudi gunman who attacked a Florida naval base
AOL: Official: FBI finds link between Pensacola gunman, al-Qaida
GANNETT Syndication Service: Official: FBI finds link between NAS Pensacola gunman, al-Qaida
Newsweek: FBI Finds Florida Gunman Who Killed U.S. Sailors Was Linked to Al Qaeda After Breaking iPhone Encryption
Yahoo! News: FBI finds Al Qaeda link to Pensacola naval base shooting suspect: US official
Bloomberg: FBI Gets Into Pensacola Shooter’s iPhone, Finds an Al-Qaeda Tie
RT USA: Saudi pilot who went on gun rampage at Florida naval base linked to ‘Al-Qaeda operative’
The Crime Report: FBI Finds Link Between Pensacola Shooter, Al-Qaeda
Axios: FBI finds links between Pensacola gunman and Al Qaeda
Cult of Mac: FBI cracks alleged al-Qaida shooter’s iPhone without Apple’s help
USATODAY: Feds connect al Qaeda contacts to deadly Pensacola Naval Air Station shooting
AppleInsider: FBI breaks iPhone security to uncover Pensacola shooter & Al Qaeda link
NBCNews: FBI: Pensacola gunman prodded by al Qaeda to attack
Wired: The FBI Backs Down Against Apple—Again
The Register – Security: Attorney General: We didn’t need Apple to crack terrorist’s iPhones – tho we still want iGiant to do it in future
Cyberscoop: U.S. officials say they’ve cracked Pensacola shooter’s iPhones, blast Apple
CNET: FBI slams ‘Apple problem’ as it unlocks Pensacola shooter’s iPhones – CNET
News : NPR: FBI: New iPhone Evidence Shows Pensacola Shooter Had Ties To Al-Qaida
iDownloadBlog.com: The FBI has reportedly bypassed the security on the Pensacola mass shooter’s iPhone
Fortune: FBI: “We received effectively no help from Apple” in accessing Pensacola Shooter’s iPhones
WCCFtech: FBI Hacks Florida Shooter’s iPhones without Apple’s Help & Finds al Qaeda Link
ZDNet Security: FBI criticizes Apple for not helping crack Pensacola shooter’s iPhones
AppleInsider: Apple rejects ‘false claims’ by Justice Department regarding Pensacola investigation
iMore: Apple denies “false claims” by Justice Department over Pensacola attack
Cult of Mac: FBI attacks Apple for ‘no help’ unlocking Florida attacker’s iPhone; Apple rejects ‘false’ claims
Patently Apple: DOJ and FBI described crucial data found on the Pensacola Terrorist’s iPhones today in a news Conference, without Apple’s Assistance
BuzzFeed News: The Pensacola Naval Base Shooter Had Longtime “Significant Ties” To Al-Qaeda
Appleosophy: Apple Fires Back at FBI and Attorney General William Barr Regarding Florida Shooter’s iPhone
MacRumors: Apple Calls FBI Comments on Lack of Help Unlocking Florida Shooter’s iPhone an ‘Excuse to Weaken Encryption’
SlashGear » security: Apple blasts Barr over iPhone lock “false claims” in Pensacola shooter case
Homeland Security Today: FBI: Pensacola Shooter Tied to AQAP Before Coming to the U.S., Discussed Attack
Zero Hedge: FBI Cracks Into Pensacola Shooter’s iPhone, Find “Significant Ties” To Al Qaeda
CBSNews.com: Saudi shooter in Florida air base attack had ties to al Qaeda
TechSpot: Officials still want backdoor into cellphones after cracking two iPhones without help
Yahoo! News: U.S. Supreme Court heaps more damages on Sudan in embassy bombing cases
iPhone Hacks: FBI Has Reportedly Unlocked One of the iPhones Used by Mass Shooter in Florida Last Year
The Mac Observer: FBI Bypasses Encryption on Pensacola Attacker’s iPhones
The Guardian: Pensacola gunman’s cellphones reveal meticulous planning for attack, FBI says
UPI.com: FBI: Agents unlocked phones to tie Pensacola gunman Mohammed Saeed Alshamrani to al-Qaida
TIME: Gunman in Deadly Pensacola Military Base Attack Linked to al-Qaida, FBI Says
Ars Technica: iPhone crypto hid al-Qaida link to naval base shooting, AG fumes
New York Post: FBI found al Qaeda’s link to Pensacola shooter through iPhones
AppleInsider: FBI breaks iPhone security to uncover Pensacola shooter & Al Qaeda link [u]
The Huffington Post: FBI Says It Found Links Between Pensacola Gunman And Al-Qaeda
Stars and Stripes: FBI: Shooter at Naval Air Station Pensacola had link to al-Qaida
Heavy.com: Pensacola, Florida Gunman Mohammed Alshamrani Link to Al-Qaida Found
Engadget: AG Barr seeks ‘legislative solution’ to make companies unlock phones
Daily Dot: FBI unlocks Pensacola shooter’s iPhone despite Apple’s opposition
Multichannel: AG Barr Hammers Apple in Terrorism Case Announcement
Vox: Why Attorney General Bill Barr is mad at Apple
POLITICO: Pensacola gunman was working with al Qaeda, FBI finds
USNI News: FBI Says Unlocked iPhone Messages Link NAS Pensacola Shooter to Al Qaeda; AG Barr Says Incident was ‘Act of Terrorism’
Input: FBI breaks into Pensacola shooter’s iPhone after six months, revealing al Qaeda links
TribLIVE: FBI: Shooter at Pensacola military base linked to al-Qaida
emptywheel: Bill Barr and Chris Wray Schedule a Press Conference to Admit Trump Let an Al Qaeda Terrorist onto Our Military Base
PhoneArena: Who is lying, Apple or Attorney General William Barr?
Channel News Asia: FBI phone probe links al Qaeda to Saudi who killed 3 at Florida base
Algemeiner.com: FBI Phone Probe Links Al Qaeda to Saudi Shooter Who Killed Three at Florida Navy Base
MacDailyNews: Apple rejects ‘false claims’ by Justice Department regarding Islamic terrorist attack in Pensacola
Reuters: U.S.: FBI phone probe links al Qaeda to Saudi who killed three at Florida base, Barr says
France 24: FBI says al Qaeda linked to Saudi shooter at Florida naval base
The New Daily: FBI links al-Qaeda to US base shooting
MacDailyNews: FBI cracks iPhone encryption, links al Qaeda to Islamic terrorist who killed three at Florida naval base
CNN.com: FBI delivers to America a chilling reminder about al Qaeda
The Verge: The FBI successfully broke into a gunman’s iPhone, but it’s still very angry at Apple
Washington Post: Attorney general and FBI director blast Apple after tracing Pensacola gunman’s phone to al-Qaeda
New York Times: F.B.I. Finds Links Between Pensacola Gunman and Al Qaeda

@dnvolz: Sound familiar? FBI gets into iPhone belonging to dead terrorist that they said months ago they could not unlock.
@adamgoldmanNYT: The F.B.I. found the gunman, a Saudi Air Force cadet training with the American military, had communicated with a Qaeda operative who had encouraged the attacks
@kevincollier: "Breaking encryption" on an iPhone has a specific meaning and enormous consequences. I really hope those making that claim today wouldn't do so without backing it up.
@nakashimae: FBI Director Chris Wray: "We received effectively no help from Apple" in accessing the Pensacola shooter's iPhones.
@zackwhittaker: Apple in January: "The FBI only notified us on January 6 that they needed additional assistance—a month after the attack occurred. Only then did we learn about the existence of a second iPhone associated with the investigation and the FBI's inability to access either iPhone."
@zackwhittaker: Apple also said at the time it responded to six more legal requests for information between Dec. 7 and Dec. 14, and that it provided iCloud backups, account information and transactional data for multiple accounts.
@zackwhittaker: It's not that Apple provided "effectively no help" to the FBI. It's that Apple didn't acquiesce to the wants and wishes of the government and backdoor its own devices. We almost had an entire court case about this — but the FBI bottled it.
@iblametom: New - The FBI hacks into the iPhones of Pensacola shooter, finds links to Al Qaeda. But director Chris Wray still says Apple should've helped and its delays caused real problems.
@karaswisher: Looks like the government can do what it said it could not do
@macrumors: FBI Reportedly Gained Access to iPhone Used by Mass Shooter in Florida After Apple Refused to Help https://macrumors.com/2020/05/18/fbi-reportedly-accessed-alshamrani-iphone/ by @rsgnl
@zackwhittaker: ACLU statement is extremely 💅 "The boy who cried wolf has nothing on the agency that cried encryption."
@iblametom: Source at FBI told me they chose the wrong battle with Pensacola too... they’ve been able to get into iPhone 5 and 7 for some time.
@dotmudge: Two things: 1 - AQAP (Al Qaeda Arabian Peninsula) linked terrorist attack on US soil, and it barely makes the news cycle 2 - investigations show accessing iPhones on one-off’s continues to negate necessity to drop user crypto protections at large
@DevlinBarrett: Attorney general and FBI director crank up their encryption fight with Apple, blasting the company after agents traced data on a Pensacola gunman’s phone to al-Qaeda
@ahmed: FBI says Saudi shooter at Pensacola base was in touch with al-Qaeda leaders, accuses Apple of wasting “valuable time” by refusing to unlock his phone to investigators


May 15, 2020
David Gilbert / Vice News

REvil Ransomware Attackers Double Ransom Demand for High-Profile Celebrity Law Firm, Claim They Have Dirt on Trump

The anonymous hackers who crippled the computer systems of high-profile celebrity law firm Grubman Shire Meiselas & Sacks, claiming to have stolen 756GB of highly confidential documents including contracts, now say they’ve doubled the ransom demanded to $42 million and say they have direct dirt on Donald Trump. The hackers made a direct plea to Trump to get him to persuade the law firm to pay up. The ransomware used in the attack is known as REvil or Sodinokibi and is the same malicious software used in the hack of foreign exchange company Travelex earlier this year.

Related: Daily Mail, AlterNet.org, VICE News, NDTV Gadgets360.com, SC Magazine, TechNadu, Yahoo News, Daily Beast, The Sun, Business Insider, HackRead, WND, Tech Insider, ibtimes.sg : Top News, Reddit-hacking, Boing Boing, Variety, Wired

Tweets: @underthebreach @malwrhunterteam

Daily Mail: Hackers ‘who stole secret files from celebrity lawyer DOUBLE their ransom to $42million’
AlterNet.org: Hackers claim they’ve got Trump’s ‘dirty laundry’ — and demand $42 million ransom to keep it private
VICE News: Hackers Say They Have Trump’s ‘Dirty Laundry’ and Want $42 Million to Keep It Secret
NDTV Gadgets360.com: Celebrity Law Firm Representing Priyanka Chopra Hacked, Attackers Demand $42 Million Ransom: Reports
SC Magazine: REvil hackers double ransom for celebrity law firm, threaten to release Trump ‘dirty laundry’ | SC Media
TechNadu: The REvil Group Now Threatens the President of the United States
Yahoo News: ‘REvil’ Hackers Double Their Allen Grubman Ransom Demand To $42m, Threaten To Dump Donald Trump Dirt
Daily Beast: ‘REvil’ Hackers Double Their Allen Grubman Ransom Demand To $42m, Threaten To Dump Donald Trump Dirt
The Sun: Celeb hackers double ransom demand to $42M and promise to ‘reveal Trump’s dirty laundry’ after targeting A-list stars
Business Insider: Hackers who stole files from a law firm to stars like Lady Gaga and Drake doubled their ransom to $42 million and threatened to release ‘dirty laundry’ on Trump
HackRead: Pay $42m or Trump’s ‘dirty laundry’ goes online – REvil ransomware hackers
WND: Criminal hacker group claims to have Trump documents, demands $42M in ransom
Tech Insider: Criminal cybergang behind Lady Gaga data dump says it leaked files about President Trump, posting ‘most harmless information’ first
ibtimes.sg : Top News: Ransomware Operator REvil demands $42m Ransom, Threatens to Release Sensitive Trump Documents
Reddit-hacking: ‘A Ton of Dirty Laundry’: Hackers Hit Law Firm, Threaten to Release Huge Tranche of Trump Documents.
Boing Boing: Criminal hackers breach law firm, threaten to release Trump documents
Variety: Hackers Release Dozens of Law Firm’s Emails Citing Trump, but There’s No ‘Dirty Laundry’
Wired: Security News This Week: Hackers Claim to Have ‘Dirty Laundry’ About Donald Trump

@underthebreach: REvil Ransomware group claiming they have a lot of dirt on Donald Trump which they will publish unless they received $42,000,000 from GRUBMAN SHIRE MEISELAS & SACKS.
@malwrhunterteam: Even some big news sites refers to / quotes from this, so here is it: REvil ransomware group's first press release, named "For press #1". Not sure how much of it is true, especially of the Trump part... ? Let's see what days/weeks brings about this story... cc @VK_Intel


May 3, 2020
Dan Goodin / Ars Technica

New Damaging Ransomware Strain Called LockBit Is Self-Replicating, Rapidly Spreading Malware That Aborts Itself on Machines in Russia, Commonwealth of Independent States

A new ransomware strain called LockBit, most prevalent in the US, the UK, France, Germany, Ukraine, China, India, and Indonesia, ran rampant through a poorly secured network in a matter of hours, leaving leaders with no choice but to pay the ransom, researchers at McAfee recently observed. After getting in, the self-replicating LockBit used a dual method to map out and infect the victimized network, using ARP tables and the Server Message Block (SMB) protocol to allow infected nodes to connect to uninfected nodes. Before the ransomware encrypted data, it connected to an attacker-controlled server and then used the machine’s IP address to determine where it was located. If the computer was in Russia or another country belonging to the Commonwealth of Independent States, it would abort the process. LockBit is sold in underground broker forums that often require sellers to put up a deposit that customers can recover in the event the wares don’t perform as advertised.

April 23, 2020
Catalin Cimpanu / ZDNet

Game Maker Valve Tries to Quell Fears of Hackers Developing Exploits Based on Leaked Source Code for CS:GO and TF2

Game company Valve said that it’s safe to play games like Counter-Strike: Global Offensive and Team Fortress 2 even after their source code leaked online today on 4chan and torrent sites, causing a panic in the two games’ online communities. On Reddit and other websites, gamers were warning that hackers may develop exploits based on the leaked source code that may be used to hack computers connecting to CS:GO and TF2 servers. Valve sees no reason to be concerned about hackers and said that playing on the official servers is recommended for the highest security. However, over the coming weeks and months, the source could become fodder for hackers because it makes exploit development easier.

Related: Reddit – cybersecurity, Wired, Ars Technica, Slashdot, SlashGear » security, HackRead, Techradar, TechSpot, Game Rant, Forbes


May 15, 2020
David Shepardson, Karen Freifeld, Alexandra Alper / Reuters

Trump Administration Blocks Chip Supplies to Huawei, Raising Fears That China Will Retaliate; Commerce Department Separately Extended Ability of Rural Telcos to Use Huawei Gear

The Trump administration moved to block global chip supplies to blacklisted telecoms equipment giant Huawei Technologies, spurring fears of Chinese retaliation and hammering shares of U.S. producers of chipmaking equipment. Under a new rule developed by the Commerce Department, U.S. authority to require licenses for sales to Huawei of semiconductors made abroad with U.S. technology has been dramatically expanded to halt exports to China’s leading smartphone maker. Reports indicate that China is getting ready to put U.S. companies on an “unreliable entity list” as part of its retaliation against the U.S. move against Huawei. Among the measures contemplated are launching investigations and imposing restrictions on U.S. companies such as Apple, Cisco, and Qualcomm, as well as suspending purchases of Boeing airplanes. The move also hits Taiwan Semiconductor Manufacturing, the biggest contract chipmaker and a key Huawei supplier, which just announced plans to build a U.S.-based plant. Separately, the Commerce Department extended a temporary license that was set to expire on Friday to allow U.S. companies, mostly rural telcos, to continue doing business with Huawei through August 13.

Related: Global Times, Global Times, iMore, Law360, Computer Weekly, SiliconANGLE, Wired, New York Times – Business, South China Morning Post, Cyberscoop, WCCFtech, MacDailyNews, Android Central, Zero Hedge, xda-developers, Digit, Multichannel, Law360, MarketWatch.com – Software Industry News, CNBC Technology, Reuters: Business News, The Hill: Cybersecurity

Tweets: @SariArhoHavren

Global Times: Shares of key US firms dive as Chinese govt source leaks retaliation plan on Huawei ban
Global Times: Insider reveals details on China’s plan to target US tech giants to retaliate against Huawei ban
iMore: China threatens companies like Apple with investigations and restrictions
Law360: US Aims To Muscle Huawei Out Of Global Chip Supply Chain – Law360
Computer Weekly: US maintains ban on Chinese tech firms as Huawei, ZTE make 5G leaps
SiliconANGLE: U.S. implements new rules to restrict Huawei’s access to chip technology
Wired: The US Will Help a Taiwan Firm Build a Chip Plant in Arizona
New York Times – Business: U.S. Delivers Another Blow to Huawei With New Tech Restrictions
South China Morning Post: US plans to further restrict Huawei’s development of semiconductors using American technology
Cyberscoop: US Commerce Department tightens screws on Huawei export controls
WCCFtech: Huawei Crippled by the Latest Round of U.S. Sanctions as the Broader Chipmaker Sphere Plunges Into the Red
MacDailyNews: China ready to target Apple, other U.S. firms in retaliation against U.S.’ Huawei ban
Android Central: Trump administration will soon begin blocking Huawei’s global chip supply
Zero Hedge: Futures Tumble After US Restarts Trade War With China, Locks Out Huawei; China Vows Retaliation Against Apple, Boeing
xda-developers: Win a Huawei P40 Pro+ [Open to all Countries]
Digit: Jios new Rs 999 prepaid plan gives users 3GB daily data with a validity of 84 days
Multichannel: Commerce Targets Huawei with New Restrictions
MarketWatch.com – Software Industry News: Capitol Report: Trump administration moves to cut Huawei off from semiconductor suppliers
CNBC Technology: U.S.-China tensions rise as Trump administration moves to cut Huawei off from global chip suppliers
Reuters: Business News: U.S. moves to cut Huawei off from global chip suppliers
The Hill: Cybersecurity: Commerce Department cracks down on Huawei’s access to chips

@SariArhoHavren: On Friday, “the Trump administration moved to block shipments of semiconductors to Huawei from global chipmakers. The US Commerce Department said it was amending an export rule to strategically target Huawei's acquisition of semiconductors.."


April 6, 2020
Catalin Cimpanu / ZDNet

Korean DarkHotel Hacking Group Has Launched Hacking Operation Against Chinese Government Agencies and Employees by Exploiting Zero-Day Flaw in Sangfor SSL VPN Servers, Sangfor Says Patch Now Available

Foreign state-sponsored hackers known as DarkHotel, operating out of the Korean peninsula, have launched a sophisticated, massive hacking operation aimed at Chinese government agencies and their employees, according to Chinese security firm Qihoo 360. The attacks were launched last month and are believed to be tied to the COVID-19 crisis. More than 200 VPN servers have been attacked in this campaign, which has used a zero-day vulnerability in Sangfor SSL VPN servers, typically deployed to provide remote access to enterprise and government networks. The hackers used the zero-day to gain control over the servers, where they replaced a file named SangforUD.exe with a boobytrapped version. Qihoo researchers say that 174 of these servers were located on the networks of government agencies in Beijing and Shanghai and of Chinese diplomatic missions operating abroad. It is unknown if North Korea or South Korea is behind the attacks. Qihoo said it reported the zero-day vulnerability to Sangfor last Friday, and Sangfor said that patches are now available.

Related: Cyber Security Review, 360 Core Security, TechNadu, Security Affairs, Wired, Cyberscoop

Tweets: @Bing_Chris @craiu @Mao_Ware


September 13, 2019
FBI, This Week

Operation reWired

An FBI-led international operation aimed at the perpetrators of the prolific business email compromise scam results in nearly 300 arrests.

October 23, 2019
Brian Barrett / Wired

Members of Congress Who ‘Stormed’ the House SCIF to Disrupt Testimony of Impeachment Witnesses Violated Basic Protocols of Digital and National Security, Experts Say

U.S. Congressman Matt Gaetz (R-FL) rounded up 30 of his fellow GOP colleagues to storm the House of Representatives’ Sensitive Compartmented Information Facility, or SCIF, in which testimony on the impeachment of Donald Trump was taking place. In doing so, he violated the basic protocols of digital and national security by allowing members to enter the secure room with their cell phones, according to experts. Among other things, SCIFs need radio frequency shielding and electronics that conform to the NSA’s TEMPEST specification. The cell phones the members brought into the SCIF met neither criterion. The smartphones brought into the SCIF, from which the GOP members tweeted while inside, are multifunction cellular telephones, electronic devices with RF transmitting (e.g., Bluetooth), and photographic, video, and audio recording devices. As such, they can have, and may very well already have, malware implanted on them by nation-states, given the high value members of Congress represent to foreign adversaries.

Related: POLITICO, New York Post, Quartz, Fast Company, Daily Beast, Axios, Daily News, Just Security, Roll Call, Daily Kos, SC Magazine, The Mary Sue, RT USA, Ars Technica

Tweets: @benyc @MiekeEoyang @kylegriffin1 @MarkSZaidEsq @wired @kyledcheney @th3j35t3r @wired @rdpiazza

POLITICO: Impeachment deposition delayed after Republicans storm proceedings
New York Post: What is a SCIF, the room used for Trump impeachment inquiry?
Quartz: Executive privilege won’t shield Trump from the impeachment inquiry
Fast Company: GOP storming House impeachment hearings wasn’t just a dumb stunt. It was a security breach
Daily Beast: House Republicans Literally Storm the Impeachment Hearings
Axios: House Republicans storm closed impeachment hearing in protest
Daily News: The Republicans sink even lower: Matt Gaetz’s stunt outside the SCIF is despicable and dangerous
Just Security: GOP “Storming” of Secure Facility for Impeachment Proceedings: An Explainer
Roll Call: Does your member of Congress like pumpkin spice lattes?
Daily Kos: Impeachment round-up: Republicans storm secure facility as impeachment support continues to grow
SC Magazine: GOP lawmakers storm SCIF during impeachment inquiry, breach security with cell phones | SC Media
The Mary Sue: But Really, Why Haven’t These House Republicans Been Arrested Yet?
RT USA: Republicans STORM secure Capitol chamber where Democrats held ‘impeachment’ hearing
Ars Technica: Republicans storm ultra-secure “SCIF,” some with cell phones blazing [Update]

@benyc: INSIDE THE ROOM: Rep. Connolly said two-dozen Republicans “stormed” into the SCIF, delaying the start of the Cooper deposition. He said a few, including Rep. Gohmert, were “screaming,” and all brought phones into the secure SCIF room. (Rep. Conaway ended up collecting them.)
@MiekeEoyang: A few words on why Gaetz stunt to storm the SCIF to disrupt Laura Cooper's deposition is a VERY serious national security problem. Note, I worked in that SCIF for HPSCI and handled cybersecurity issues while there.
@kylegriffin1: Rep. Bennie Thompson, Chairman of the Homeland Security Committee, has sent a letter to the House Sergeant at Arms regarding the security breach at a House SCIF: "I am requesting you take action with respect to the Members involved in the breach." https://bit.ly/31EdYeD
@MarkSZaidEsq: I often rep indivs in #securityclearance cases where violations occur such as inadvertently bringing cell phone into SCIF. Happens every day. Ppl sometimes lose classified access as result. A deliberate violation should guarantee punishment even for Member of Congress. THREAD ?
@wired: This should be a no-brainer: Do NOT storm into SCIF ("Sensitive Compartmented Information Facility"). Especially with your smartphone. But that is exactly what GOP lawmakers did today, violating security protocols and endangering national security. #SCIF
@kyledcheney: JUST IN: House Homeland Security Committee Chairman asks sergeant at arms to “take action” against Republicans who charged into the SCIF. Doesn’t explain what action he wants:
@th3j35t3r: You'd think a real SCIF door would be lockable from the inside while the legitimate occupants are inside. To clarify, code & logged credentialed access from outside to prevent unauthorized access. Once access is granted and legitimate person is inside, they have another lock.
@wired: This should be a no-brainer: Do NOT storm into SCIF ("Sensitive Compartmented Information Facility"). Especially with your smartphone. But that is exactly what GOP lawmakers did today, violating security protocols and endangering national security. #SCIF https://wired.trib.al/kO5rNBx
@rdpiazza: In contrast, I recently heard of someone who was fired from their job working in a SCIF because they accidentally forgot to remove their Bluetooth-enabled medical device before entering


January 10, 2020
Andy Greenberg / Wired

Iranian Hacking Groups Have Been Engaged in Password Spraying Attacks, VPN Software Exploits Against Electric Utilities, Oil and Gas Firms

Industrial control security firm Dragos has tracked newly revealed “password spraying” activity against electric and other utilities and attributed it to a group of Iranian state-sponsored hackers called Magnallium, also known as APT33, Refined Kitten, or Elfin. Password-spraying attacks guess a set of common passwords for hundreds or even thousands of different accounts; here the targets were US electric utilities as well as oil and gas firms. A related group that Dragos calls Parisite has worked in apparent cooperation with Magnallium to gain access to US electric utilities and oil and gas firms by exploiting vulnerabilities in virtual private networking software. Both groups combined were active in running an intrusion campaign during 2019.

Related: ZDNet, SecurityWeek, Dark Reading: Attacks/Breaches, Dragos

Tweets: @DragosInc @Wired


November 15, 2017
Andy Greenberg / Wired

Kid Unlocks Mother’s iPhone X With Face ID Due to Facial Similarities

After Apple conceded that twins and family members with similar facial features can unlock the iPhone X using Face ID, Attaullah Malik and Sana Sherwani have produced proof in the form of a video that their son, Ammar Malik, can unlock his mother’s iPhone X using Face ID. Wired asked Sana Sherwani to re-register her face to see if her son could unlock the device again with his face; Ammar successfully unlocked it on the third and sixth try and could consistently unlock it thereafter. This latest glitch follows the successful unlocking of the iPhone X with Face ID with an inexpensive mask created by Vietnamese security researchers.

Related: App Advice, CNET, iLounge, The Register – Security, Digital Trends, Daily Dot, Geek.com, iMore, Cult of Mac, DataBreachToday.com, LinkedIn, BGR