Quora Hacked, Moscow Ransomware, and More Security News This Week

China accusations, Eastern European bank heists, and more of the week's top security news...

Mueller: Cohen Lied About Trump Organization's Moscow Project

Trump's former lawyer has testified that the Trump Organization pursued a real estate deal with Moscow deep into the 2016 presidential campaign...

How Trump’s Ukraine Mess Entangled CrowdStrike

A US cybersecurity company became a topic of interest for President Donald Trump in his call with Ukraine’s Volodymyr Zelensky...

A Password-Exposing Bug Was Purged From LastPass

Google Project Zero found and reported a flaw in the widely used password manager...

Facebook’s New Privacy Feature Comes With a Loophole

"Off-Facebook Activity" will give users more control over their data, but Facebook needs up to 48 hours to aggregate your information into a format it can share with advertisers...

How Facebook Catches Bugs in Its 100 Million Lines of Code

For the past four years, Facebook has quietly used a homegrown tool called Zoncolan to find bugs in its massive codebase...

How Safecrackers Can Unlock an ATM in Minutes—Without Leaving a Trace

At Defcon this week, security researcher Mike Davis will show how he can pick the lock of an ATM safe in no time, thanks to its electric leaks...

Google Has Stored Some Passwords in Plaintext Since 2005

On the heels of embarrassing disclosures from Facebook and Twitter, Google reveals its own password bugs—one of which lasted 14 years...

An Email Marketing Company Left 809 Million Records Exposed Online

A exposed database belonging to Verifications.io contained both personal and business information, including 763 million unique email addresses...

The Privacy Battle to Save Google From Itself

Interviews with over a dozen current and former Google employees highlight a commitment to privacy—and the inherent tensions that creates...

Apple's T2 Security Chip Makes It Harder to Tap MacBook Mics

By cutting off the microphone at the hardware level, recent MacBook devices minimize the chance that someone can eavesdrop...

Facebook Wins, Facebook Losses, and More Security News This Week

The Facebook breach, 3-D printed guns on Broadway, and more security news this week...

A Twitter DM Fail, Free Credit Freezes, and More Security News This Week

Free credit freezes, a better private browser, and more security news this week...

Do Not Stare Into the Crypto Orb

A PrintNightmare exploit, a VPN takedown, and more of the week's top security news...

Chinese Hacking Spree Hit an ‘Astronomical’ Number of Victims

A single group appears to have infiltrated tens of thousands of Microsoft Exchange servers in an ongoing onslaught...

The SolarWinds Body Count Now Includes NASA and the FAA

Plus: Firefox blocks more tracking, how to fight a robodog, and more of the week’s top security news...

How to Get Your Yahoo Breach Settlement Money

If you had a Yahoo account from 2012 to 2016, you probably have $100 coming your way...

Think Twice Before Giving Gifts With a Microphone or Camera

Black Friday is going to be overrun with cheap, internet-connected gifts. Just make sure you know exactly what you’re buying...

Free Tools Boost 2020 Election Security, but Not Enough

More companies than ever are offering low-cost security services for election bureaus and campaigns. It’s still not clear how much they’ll actually help...

Some Voting Machines Still Have Decade-Old Vulnerabilities

The results of the 2019 Defcon Voting Village are in—and they paint an ugly picture for voting machine security...

Trump's Cyber Czar Is Back—and He Wants to Make Hackers Suffer

Former White House top cybersecurity official Tom Bossert reveals his new startup, Trinity. Its focus: "active threat inference."...

Magecart Hacker Group Hits 17,000 Domains—and Counting

Magecart hackers are casting the widest possible net to find vulnerable ecommerce sites—but their method could lead to even bigger problems...

Inside China’s Surveillance Crackdown on Uyghurs

In Xinjiang, northwest China, the government is cracking down on the minority Muslim Uyghur population, keeping them under constant surveillance and throwing more than a million people into concentration camps. But in Istanbul, 3,000 miles away, a community of women who have escaped a life of...

A YubiKey for iOS Will Soon Free Your iPhone From Passwords

Yubico has finally gotten the green light from Apple to make a hardware authentication token that works on iPhones and iPads...

Rowhammer Data Hacks Are More Dangerous Than Anyone Feared

Researchers have discovered that the so-called Rowhammer technique works on "error-correcting code" memory, in what amounts to a serious escalation...

The Mueller Investigation May Be Safe Despite Matt Whitaker

Robert Mueller's work as special counsel may seem imperiled by the acting attorney general, but there's plenty of reason for optimism...

No One Can Get Cybersecurity Disclosure Just Right

If Facebook and Google's recent security debacles proved anything, it's that disclosure is tricky business...

A Guide to RCS, Why Apple’s Adopting It, and How It Makes Texting Better

The messaging standard promises better security and cooler features than plain old SMS. Android has had it for years, but now iPhones are getting it too...

The Top 30 Vulnerabilities Include Plenty of Usual Suspects

Plus: A sneaky iOS app, a wiper attack in Iran, and more of the week’s top security news...

Facebook Had Years to Fix Flaw That Leaked 500M Users’ Data

Software makers can’t catch every bug every time, but Facebook had ample warning about the privacy problems with its “contact import” feature...

The 25 Most Dangerous Software Vulnerabilities

DMV privacy, a password ruling, and more of the week's top security news...

Hackers Can Turn Everyday Speakers Into Acoustic Cyberweapons

A security researcher has demonstrated how to force everyday commercial speakers to emit harmful sounds...

Apple Contractors Will Stop Listening to Your Siri Recordings—For Now

Facial recognition hits minors, Facebook takes down Saudi accounts, and more security news this week...

How the West Got China's Social Credit System Wrong

It occupies a spot next to 'Black Mirror' and Big Brother in popular imagination, but China’s social credit project is far more complicated than a single, all-powerful numerical score...

I Opted Out of Facial Recognition at the Airport—It Wasn't Easy

Opinion: We've been assured that facial recognition technology is secure, reliable, and accurate. That's far from certain...

Julian Assange Arrested, *Jeopardy!* Game Theory, and More News

Catch up on the most important news today in 2 minutes or less...

Android Is Helping Kill Passwords on a Billion Devices

By officially certifying the FIDO2 standard, the mobile OS will soon allow logins to sites and services without having to put in a password...

NATO Group Catfished Soldiers to Prove a Point About Privacy

With $60 and a few fake Facebook accounts, researchers were able to identify service members in a military exercise, track their movement, and even persuade them to disobey orders...

How to Protect Your Files From Ransomware

It's a growing threat for individual users and businesses alike—but there are ways to protect yourself...

Apple’s M1 Chip Has a Fascinating Flaw

The covert channel bug is harmless, but it demonstrates that even new CPUs have mistakes in them...

The SolarWinds Hackers Aren’t ‘Back.’ They Never Went Away

A new phishing campaign from Russian spies targeted USAID, among others. But it’s less an escalation than a regression to the mean...

The Untold History of America’s Zero-Day Market

The lucrative business of dealing in code vulnerabilities is central to espionage and war planning, which is why brokers never spoke about it—until now...

Signal Threatens to Leave the US If EARN IT Act Passes

Plus: WhatsApp updates, a ransomware scheme, and more of the week's top security news...

Google Bans Infowars Android App Over Coronavirus Claims

Apple kicked Alex Jones out of the App Store in 2018. The Google Play Store has finally followed suit...

An Unfixable Flaw Threatens 5 Years of Intel Chips

Plus: A J. Crew breach, CIA hacking, and more of the week's top security news...

Russia Doesn't Want Bernie Sanders. It Wants Chaos

The point of Kremlin interference has always been to find democracy’s loose seams, and pull...

Watch Out for Coronavirus Phishing Scams

At least one email campaign is preying on fears by claiming to offer info about the Wuhan coronavirus...

Twitter Insiders Allegedly Spied for Saudi Arabia

Hackers are one thing. But too few companies take the threat of an inside job seriously enough...

We All Could Pay a Price for the Latest Slap at Huawei

An international cybersecurity group has evicted the Chinese telecom company to comply with US sanctions. That could allow malware to spread more easily...

Hackers Are Erasing Western Digital Hard Drives Remotely

Amazon acquires Wickr, the Senate holds up CISA, and more of the week’s top security news...