Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
When the Biden administration ended, the White House a Thursday’s 40-page executive order aimed at strengthening federal cybersecurity protections and putting in place safeguards against the US government’s use of artificial intelligence. WIRED also spoke with the US Ambassador for Cyberspace and Digital Policy. Nathaniel Fick on the urgency of the Trump administration not cowing Russia and China in the global race for technical superiority. Going FCC Chair Jessica Rosenworcel sent the details to WIRED At least nine of the threats facing US telecoms were recently compromised by China’s Salt Typhoon hackers. Meanwhile, US officials are still struggling to deal with multiple spying campaigns and other data breaches, with new revelations this week of the AT&T breach last summer. FBI call and text records that may reveal the identity of anonymous sources.
Huione Guarantee, a huge online marketplace that provides a range of services to online fraudsters, is expanding its offerings, according to researchers. messaging app, stablecoin and cryptocurrency exchange, and facilitated $24 billion in transactionsaccording to a new study. New findings show that GitHub’s efforts to crack down on the use of deep-fake porn software are failing. And WIRED took a deep dive the opaque world of predictive travel control and the companies and governments that transmit the data To AI tools designed to detect people who may be “threats” about international travelers.
But wait, there’s more! Each week, we summarize security and privacy news that we don’t cover in detail ourselves. Click on the headlines to read the full stories. And stay safe out there.
Chinese spies, US spies, all spies. Mutual espionage is a geopolitical game played by almost every nation in the world. So when the US government singles out a single hacker for espionage interventions, naming him and targeting him with sanctions, he must have spied aggressively or effectively enough to make powerful people very angry.
The US Treasury imposed sanctions on 39-year-old Chinese national Yin Kecheng on Friday. US Treasury. In a statement on the news, the Treasury alleges that Yi is affiliated with China’s Ministry of State Security and has been a “cyber actor” for more than a decade. It also imposed sanctions on Sichuan Juxinhe Network Technology, which the Treasury said was linked to Typhoon Salt.
Salt Typhoon’s breach of US telecommunications gave Chinese hackers massive access to Americans’ real-time texts and phone calls, and was reportedly used to spy on President-elect Donald Trump and Vice President-elect JD Vance, among other targets. This was reported by FBI director Christopher Wray he called telecom breaks China’s “most significant cyberespionage campaign in history.”
As Treasury responds to China’s spying operations, it is still trying to determine the extent of some of the hacking that took place inside the network. An internal Treasury report obtained by Bloomberg found that hackers penetrated at least 400 of the agency’s personal computers and stole more than 3,000 files in the latest breach. The espionage intrusion appears to go after sanctions and law enforcement information, a discovery report, as well as other intelligence materials. Despite this extensive access, the attackers did not gain access to Treasury emails or sensitive parts of its network, nor did they leave behind malware that suggests an attempt to maintain longer-term access, the report said.
The Justice Department announced this week that the FBI was conducting an operation to remove a sample of the malware known as PlugX from 4,200 computers worldwide. The malware, usually transmitted to computers via infected USB drives, has been around for at least a decade and has sometimes been used by Chinese state-sponsored hacking groups to target Chinese dissidents. Last July, cybersecurity firm Sekoia and French law enforcement authorities seized the command-and-control server behind the malware. This week, the FBI won a court order allowing the bureau to send a self-destruct command to software on infected machines.
Following news of a cyberattack earlier this week that compromised US education technology platform PowerSchool, targeted school districts told TechCrunch on Thursday that the attackers gained access to “all” student and teacher data stored on their accounts. More than 60 million K-12 students in the US use PowerSchool. Hackers gained access to the company’s customer support portal by stealing login credentials. The connection of the attack with a specific criminal has not yet been revealed. PowerSchool has not yet disclosed the exact number of victimized schools and whether all of its customers are affected.
