Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
The White House released a statement as the Biden administration winds down Thursday’s 40-page executive order aims to tighten federal cybersecurity protections and guarding the US government’s use of AI. WIRED also spoke with the outgoing US Ambassador for Cyberspace and Digital Policy, Nathaniel Feek, on the urgency of the Trump administration not giving cows to Russia and China In the global race for technological supremacy. extroverted FCC Chair Jessica Rosenworsel explained the details to Wired US telecoms are facing threats, at least nine of which were recently breached by Salt Typhoon hackers in China. Meanwhile, US officials are still scrambling to get a handle on multiple spying campaigns and other data breaches, with new revelations this week that AT&T’s breach was revealed last summer. Compromised FBI call and text logs that could reveal the identity of anonymous sources.
Huione Guaranty, the massive online marketplace that researchers say offers a variety of services to online scammers, is expanding its offerings to include messaging app, stablecoin and crypto exchange and facilitated $24 billion in transactionsAccording to new research. New findings indicate GitHub’s efforts to stop the use of Deepfake porn software are failing. And Wired took a deep dive The opaque world of predictive travel surveillance and the companies and governments that are pumping out the data AI tools to identify people who may be “threats” about international travelers.
But wait, there’s more! Each week, we round up security and privacy news that we haven’t covered in depth Click on the title to read the full story. And stay safe out there.
China spies, US spies, all spies. Mutual espionage is a geopolitical game played by almost every nation in the world. So when the US government singles out a hacker for espionage-focused infiltration, names him, and targets him with sanctions, he must have spied aggressively—or effectively—made powerful people very angry.
The US Treasury on Friday imposed sanctions on Yin Kecheng, a 39-year-old Chinese man accused of involvement in the breaches of nine US telecommunications companies run by a Chinese hacker group known as Salt Typhoon, as well as another recent breach. US Treasury. In a statement about the news, the Treasury alleged that Yin is linked to China’s Ministry of State Security and has been a “cyber actor” for more than a decade. It also imposed sanctions on Sichuan Xuxinhe Network Technology, a company the Treasury says is also linked to Typhoon Salt.
The US telecom breach in Salt Typhoon gave Chinese hackers massive access to Americans’ real-time texts and phone calls and was reportedly used to spy on President-elect Donald Trump and Vice President-elect J.D. Vance, among other targets. FBI Director Christopher Wray to call Telecom breached China’s “most significant cyber espionage operation in history”.
As the Treasury returns to China’s spying operations, it is still working to determine the scope of the same hackers’ infiltration inside its network. An internal Treasury report obtained by Bloomberg found that hackers accessed at least 400 agency PCs and stole more than 3,000 files in the latest breach. The espionage-focused intrusion appears to have gone after information about sanctions and law enforcement, the report found, as well as other intelligence materials. Despite that massive access, the intruders did not gain access to Treasury email or classified parts of its network, the report said, nor did they leave malware that would suggest an attempt to maintain long-term access.
The Justice Department revealed this week that the FBI conducted an operation to remove a sample of the malware known as PlugX from 4,200 computers around the world. The malware, which was typically transmitted to computers via infected USB drives, has persisted for at least a decade, and Chinese state-sponsored hacker groups have occasionally targeted Chinese dissidents. Sometimes used. In July last year, cybersecurity firm Sequoia and French law enforcement took over the command-and-control server behind the malware. This week, the FBI obtained a court order allowing the bureau to send a self-destruct command to software on infected machines.
Following news earlier this week of a December cyberattack that breached US education technology platform PowerSchool, school districts targeted by the intrusion told TechCrunch on Thursday that the attackers gained access to “all” student and teacher data stored on their accounts. PowerSchool is used by more than 60 million K-12 students in the United States. Hackers gained access to information by stealing login credentials that gave them access to the company’s customer support portal. No specific perpetrators have yet been linked to the attack. PowerSchool has not yet released the exact number of schools affected or whether all of its customers have been affected.
