Republicans who run elections are split over whether to keep working with the Cybersecurity and Infrastructure Security Agency to fight hackers, online falsehoods, and polling-place threats.
Plus: Scammers try to dupe Apple with 5,000 fake iPhones, Avast gets fined for selling browsing data, and researchers figure out how to clone fingerprints from your phone screen.
Useful quantum computers aren’t a reality—yet. But in one of the biggest deployments of post-quantum encryption so far, Apple is bringing the technology to iMessage.
Anne Neuberger, the Biden administration’s deputy national security adviser for cyber, tells WIRED about emerging cybersecurity threats—and what the US plans to do about them.
Plus: State-backed hackers test out generative AI, the US takes down a major Russian military botnet, and 100 hospitals in Romania go offline amid a major ransomware attack.
Cyberattacks and criminal scams can impact anyone. But communities of color and other marginalized groups are often disproportionately impacted and lack the support to better protect themselves.
Plus: China’s Volt Typhoon hackers lurked in US systems for years, the Biden administration’s crackdown on spyware vendors ramps up, and a new pro-Beijing disinformation campaign gets exposed.
After a slowdown in payments to ransomware gangs in 2022, last year saw total ransom payouts jump to their highest level yet, according to a new report from crypto-tracing firm Chainalysis.
A loose coalition of anti-censorship voices is working to highlight reports of one Indian company’s hacker-for-hire past—and the legal threats aimed at making them disappear.
Newly disclosed breaches of Microsoft and Hewlett-Packard Enterprise highlight the persistent threat posed by Midnight Blizzard, a notorious Russian cyber-espionage group.
From repeatedly crippling thousands of gas stations to setting a steel mill on fire, Predatory Sparrow’s offensive hacking has now targeted Iranians with some of history's most aggressive cyberattacks.
NSO Group, creator of the infamous Pegasus spyware, is spending millions on lobbying in Washington while taking advantage of the crisis in Gaza to paint itself as essential for global security.
Plus: Microsoft says attackers accessed employee emails, Walmart fails to stop gift card fraud, “pig butchering” scams fuel violence in Myanmar, and more.
In today's digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical business resources, organizations are increasingly turning to multi-factor authentication (MFA) as a more robust security measure. MFA requires users to provide multiple authentication factors to verify their identity, providing an
The US Securities and Exchange Commission and security firm Mandiant both had their X accounts breached, possibly due to changes to X’s two-factor authentication settings. Here’s how to fix yours.
Plus: Russia hacks surveillance cameras as new details emerge of its attack on a Ukrainian telecom, a Google contractor pays for videos of kids to train AI, and more.
If you're at high risk of being targeted by mercenary spyware, or just don't mind losing iOS features for extra security, the company's restricted mode is surprisingly usable.
From Sam Altman and Elon Musk to ransomware gangs and state-backed hackers, these are the individuals and groups that spent this year disrupting the world we know it.
After an 18-month rampage, global law enforcement finally moved against the notorious Alphv/BlackCat ransomware group. Within hours, the operation faced obstacles.
Plus: Apple tightens anti-theft protections, Chinese hackers penetrate US critical infrastructure, and the long-running rumor of eavesdropping phones crystallizes into more than an urban legend.
Kytch, the company that tried to fix McDonald’s broken ice cream machines, has unearthed a 3-year-old email it says proves claims of an alleged plot to undermine their business.
Ten years in, Microsoft’s DCU has honed its strategy of using both unique legal tactics and the company’s technical reach to disrupt global cybercrime and state-backed actors.
A hacker group calling itself Solntsepek—previously linked to Russia’s notorious Sandworm hackers—says it carried out a disruptive breach of Kyivstar, a major Ukrainian mobile and internet provider.
Threat actors from the Democratic People's Republic of Korea (DPRK) are increasingly targeting the cryptocurrency sector as a major revenue generation mechanism since at least 2017 to get around sanctions imposed against the country.
"Even though movement in and out of and within the country is heavily restricted, and its general population is isolated from the rest of the world, the
The new generation of hardware authentication key includes support for cryptographic passkeys as Google pushes adoption of the more secure login alternative.
In its plans to implement a White House executive order, CISA aims to strike a balance between promoting AI adoption for national security and defending against its malicious use.
Netflix, Spotify, Twitter, PayPal, Slack. All down for millions of people. How a group of teen friends plunged into an underworld of cybercrime and broke the internet—then went to work for the FBI.
Russia's most notorious military hackers successfully sabotaged Ukraine's power grid for the third time last year. And in this case, the blackout coincided with a physical attack.
Following a string of serious security incidents, Microsoft says it has a plan to deal with escalating threats from cybercriminals and state-backed hackers.
Plus: Details emerge of a US government social media-scanning tool that flags “derogatory” speech, and researchers find vulnerabilities in the global mobile communications network.
A recent breach of authentication giant Okta has impacted nearly 200 of its clients. But repeated incidents and the company’s delayed disclosure have security experts calling foul.
Stefan Thomas lost the password to an encrypted USB drive holding 7,002 bitcoins. One team of hackers believes they can unlock it—if they can get Thomas to let them.
Plus: IT workers secretly funnel money to North Korea, a court in the US upholds keyword search warrants, and WhatsApp gets a passwordless upgrade on Android
Whoever looted FTX on the day of its bankruptcy has now moved the stolen money through a long string of intermediaries—and eventually some that look Russian in origin.
Since the conflict escalated, hackers have targeted dozens of government websites and media outlets with defacements and DDoS attacks, and attempted to overload targets with junk traffic to bring them down.
The same chaotic day FTX declared bankruptcy, someone began stealing hundreds of millions of dollars from its coffers. A WIRED investigation reveals the company’s “very crazy night” trying to stop them.
At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data.