Newsletter Intrusion Truth - Five Years of Naming and Shaming China’s Spies In 2017, a mysterious group called Intrusion Truth began exposing the real identities of hackers behind Chinese spy operations. In an interview, the group discusses their controversial work.
Newsletter Second Wiper Attack Strikes Systems in Ukraine and Two Neighboring Countries The wiper, dubbed HermeticWiper, struck a bank in Ukraine as well as machines in Latvia and Lithuania belonging to two contractors that work with the Ukrainian government.
Newsletter Wiper in Ukraine Used Code Repurposed From WhiteBlackCrypt Ransomware This month's wiper attack against government agencies in Ukraine has been tied to a 2021 ransomware campaign and a 2019 extortion plot against a Russian oligarch, investigators say.
Newsletter Hackers Were in Ukraine Systems Months Before Deploying Wiper According to researchers from Cisco, evidence shows the intruders were in a few government systems late last summer, but didn't deposit their malicious wiper on the systems until recently.
Newsletter Dozens of Computers in Ukraine Wiped with Destructive Malware in Coordinated Attack Dozens of computers at two government agencies in Ukraine are now confirmed to have been wiped by malware known as WhisperGate. The web sites of the two agencies were also defaced last week.
Newsletter What We Know and Don’t Know about the Cyberattacks Against Ukraine - (updated) Dozens of government agencies in Ukraine were targeted in a web site defacement campaign; around the same time some of the same agencies were infected with a destructive wiper. What happened?
Newsletter Cyber Ninjas CEO Launched Second Company Last Year - Updated A spokesman for the controversial company said Thursday that it was dissolving and laying off the CEO and all employees, after a court levied heavy fines against it. But the CEO has a second company.
Newsletter When Russia Helped the U.S. Nab Cybercriminals The U.S. has repeatedly protested Russia's failure to crack down on ransomware attacks emanating from within its borders. But there was a time when Russia helped the U.S. nab cybercriminals.
Newsletter The Israeli Intelligence Community’s Long History of Targeted Killings Transcript of Q&A with author Ronen Bergman, author of Rise and Kill First
Newsletter Sidechannel Interview with Ronen Bergman - Live Oct. 13, 1pm PT/4pm ET Bergman is author of the book Rise and Kill First, about Israel's program of targeted killings, and a New York Times journalist.
Newsletter Controversial Maricopa "Audit" Concludes that Biden Won by More Votes Than Previously Reported What is believed to be a draft report of the controversial "audit" indicates that President Biden actually gained nearly 100 more votes in the recount than previously counted, and Trump lost 261.
Newsletter Former NSA Hacker Describes Being Recruited for UAE Spy Program David Evenden was hired in 2014 to work in Abu Dhabi on a defensive cybersecurity project, only to discover it was actually an offensive spy operation for a United Arab Emirates intelligence service.
Newsletter Hacking Team Customer in Turkey Was Arrested for Spying on Police Colleagues [or: The Spy Story That Spun a Tangled Web] An investigation that weaves a winding tale between police in Ankara who were charged with spying on their own colleagues... and the purchase of Hacking Team's surveillance software.
Newsletter Hackers Leak Surveillance Camera Videos Purportedly Taken From Inside Iran's Evin Prison The reported breach comes weeks after computer systems belonging to Iran's railway system were also hacked. The railway incident has been attributed to Iranian hacktivists.
Newsletter Pegasus Spyware: How It Works and What It Collects An NSO document leaked to the internet reveals how the Pegasus spyware - sold to intelligence and law enforcement agencies around the world - can be used to spy on targeted mobile phones.
Newsletter The NSO “Surveillance List”: What It Is and Isn’t A series of blockbuster stories published this week around a leaked list of 50,000 phone numbers have created confusion about whether the owners of those numbers were targets of surveillance or not.
Newsletter Justice Department Sought Reporter Records from Security Firm Proofpoint, in Bid to Unmask Leak Sources Documents unsealed by a court this week reveal that the Justice Department didn't just go after email providers to obtain reporter records, but also went after the security firm Proofpoint
Newsletter Voting’s Hash Problem: When the System for Verifying the Integrity of Voting Software Lacks Integrity Itself Problems uncovered in the hash-verification process for voting machines made by Election Systems and Software highlight issues with the trustworthiness of voting software and voting machine vendors
Newsletter Negotiating Ransoms: When to Play and When to Fold An interview with the CEO of Coveware, which negotiates payments on behalf of ransomware victims.
Newsletter Checking in It’s been two months this week since I launched this experiment called Zero Day. Now that I’ve had time to see what’s doable on this platform and what’s doable as a writing pace, I wanted to check in with readers to get some feedback. When I
Newsletter Darkside Retreats to the Dark After announcing that its criminal infrastructure has been taken down due to U.S. law enforcement pressure, the Darkside ransomware gang says it's retreating. But is it?
Newsletter Anatomy of a $2 Million Darkside Ransomware Breach Days before the Darkside ransomware creators formally launched their business with a press release last August, a U.S. victim was already preparing to pay them a $2 million ransom.
Newsletter What Happens in Maricopa Won’t Stay in Maricopa How a little-known cybersecurity consulting company is controlling one of the most significant events related to the 2020 presidential election and plans to spread its tactics to other states.
Newsletter US Gov Issues Emergency Order While Colonial Pipeline Is Down The move lets fuel that's backed up in Texas and elsewhere be more quickly transported by trucks while pipeline remains offline. Colonial has not said when its pipelines will be back online.