Craigslist founder Craig Newmark plans to donate $100 million to further strengthen U.S. cybersecurity, addressing what he sees as a growing threat from foreign governments, he tells the WSJ. Half the funds will focus on protecting power grids and other infrastructure from cyberattacks; half will be earmarked to educate people about so-called cybersecurity hygiene. Newmark, […]
The FBI has dismantled a massive network of compromised devices that Chinese state-sponsored hackers have used for four years to mount attacks on government agencies, telecoms, defense contractors, and other targets in the US and Taiwan.
The botnet was made up primarily of small office and home office routers, surveillance cameras, network-attached storage, and other Internet-connected devices located all over the world. Over the past four years, US officials said, 260,000 such devices have cycled through the sophisticated network, which is organized in three tiers that allow the botnet to operate with efficiency and precision. At its peak in June 2023, Raptor Train, as the botnet is named, consisted of more than 60,000 commandeered devices, according to researchers from Black Lotus Labs, making it the largest China state botnet discovered to date.
Burning down the house
Raptor Train is the second China state-operated botnet US authorities have taken down this year. In January, law enforcement officials covertly issued commands to disinfect Internet of Things devices that hackers backed by the Chinese government had taken over without the device owners’ knowledge. The Chinese hackers, part of a group tracked as Volt Typhoon, used the botnet for more than a year as a platform to deliver exploits that burrowed deep into the networks of targets of interest. Because the attacks appear to originate from IP addresses with good reputations, they are subjected to less scrutiny from network security defenses, making the bots an ideal delivery proxy. Russia-state hackers have also been caught assembling large IoT botnets for the same purposes.
Wireless communication devices have exploded again today across Lebanon in a second attack even deadlier than yesterday's explosion of thousands of Hezbollah pagers. According to Lebanon's Ministry of Health, the new attack has killed at least 14 more people and injured more than 450.
Today's attack targeted two-way radios ("walkie-talkies") issued to Hezbollah members. The radios exploded in the middle of the day, with at least one going off during a funeral for people killed in yesterday's pager attacks. A New York Times report on that funeral described the moment:
When the blast went off, a brief, eerie stillness descended on the crowd. Mourners looked at one another in disbelief. The religious chants being broadcast over a loudspeaker abruptly stopped.
Then panic set in. People started scrambling in the streets, hiding in the lobbies of nearby buildings, and shouting at one another, “Turn off your phone! Take out the battery!” Soon a voice on the loudspeaker at the funeral urged everyone to do the same...
One woman, Um Ibrahim, stopped a reporter in the middle of the confusion and begged to use the reporter’s cellphone to call her children. The woman dialed a number with her hands shaking, then screamed into the phone, “Turn off your phones now!”
The story appears to capture the current mood in Lebanon, where no one seems quite sure what will explode next. While today's attack against walkie-talkies is well-attested, various unconfirmed reports suggest that people fear an explosion from just about anything with a battery.
The FBI, NSA and other U.S. government agencies detailed a Chinese-government operation that used 260,000 internet-connected devices to launch cyberattacks.
The Federal Aviation Administration alleged Tuesday that SpaceX violated its launch license requirements on two occasions last year by using an unauthorized launch control center and fuel farm at NASA's Kennedy Space Center in Florida.
The regulator seeks to fine SpaceX $633,009 for the alleged violations, which occurred during a Falcon 9 launch and a Falcon Heavy launch last year. Combined, the proposed fines make up the largest civil penalty ever imposed by the FAA's commercial spaceflight division.
“Safety drives everything we do at the FAA, including a legal responsibility for the safety oversight of companies with commercial space transportation licenses,” said Marc Nichols, the FAA's chief counsel, in a statement. “Failure of a company to comply with the safety requirements will result in consequences.”
Participants in a hacking competition with ties to China’s military were, unusually, required to keep their activities secret, but security researchers say the mystery only gets stranger from there.
At least eight people have been killed and more than 2,700 people have been injured in Lebanon by exploding pagers. Experts say the blasts point toward a supply chain compromise, not a cyberattack.
A massive wave of pager explosions across Lebanon and Syria beginning at 3:30 pm local time today killed at least 11 people and injured more than 2,700, according to local officials. Many of the injured appear to be Hezbollah members, although a young girl is said to be among the dead.
Anonymous officials briefed on the matter are now describing it as a supply chain attack in which Israel was able to hide small amounts of explosives inside Taiwanese pagers shipped to Lebanon. The explosive was allegedly triggered by a small switch inside the pagers that would be activated upon receiving a specific code. Once that code was received, the pagers beeped for several seconds—and then detonated.
New York Times reporters captured the chaos of the striking scene in two anecdotes:
Cybersecurity has one of the biggest and most urgent talent shortages in the tech industry. Malicious attacks are on the rise, and the techniques being used to worm into networks are growing ever more sophisticated. Yet, the World Economic Forum recently found that there are 4 million cybersecurity positions unfilled globally, and it expects that […]
EasyDMARC, a B2B SaaS startup out of Armenia that aims to simplify email security and authentication, said it has raised $20 million in a Series A round.
A supply chain failure that compromises Secure Boot protections on computing devices from across the device-making industry extends to a much larger number of models than previously known, including those used in ATMs, point-of-sale terminals, and voting machines.
The debacle was the result of non-production test platform keys used in hundreds of device models for more than a decade. These cryptographic keys form the root-of-trust anchor between the hardware device and the firmware that runs on it. The test keys—stamped with phrases such as “DO NOT TRUST” in the certificates—were never intended to be used in production systems. A who's-who list of device makers—including Acer, Dell, Gigabyte, Intel, Supermicro, Aopen, Foremelife, Fujitsu, HP, and Lenovo—used them anyway.
Medical devices, gaming consoles, ATMs, POS terminals
Platform keys provide the root-of-trust anchor in the form of a cryptographic key embedded into the system firmware. They establish the trust between the platform hardware and the firmware that runs on it. This, in turn, provides the foundation for Secure Boot, an industry standard for cryptographically enforcing security in the pre-boot environment of a device. Built into the UEFI (Unified Extensible Firmware Interface), Secure Boot uses public-key cryptography to block the loading of any code that isn’t signed with a pre-approved digital signature.
The fight to keep TikTok operating unchanged in the US reached an appeals court Monday, where TikTok and US-based creators teamed up to defend one of the world's most popular apps from a potential US ban.
TikTok lawyer Andrew Pincus kicked things off by warning a three-judge panel that a law targeting foreign adversaries that requires TikTok to divest from its allegedly China-controlled owner, ByteDance, is "unprecedented" and could have "staggering" effects on "the speech of 170 million Americans."
Pincus argued that the US government was "for the first time in history" attempting to ban speech by a specific US speaker—namely, TikTok US, the US-based entity that allegedly curates the content that Americans see on the app.
Musk’s now-deleted post questioning why no one has attempted to assassinate Joe Biden and Kamala Harris renews concerns over his work for the US government—and potential to inspire extremist violence.