As the Biden administration ends, the White House issued a The 40-page executive order released Thursday aims to strengthen federal cybersecurity protections and banning the use of AI by the US government. WIRED also spoke to the outgoing US Ambassador for Cyberspace and Digital Policy, Nathaniel Fick, on the urgency that the Trump administration not succumb to Russia and China In the global race for technological dominance. outgoing FCC Chairwoman Jessica Rosenworcel gave details to WIRED Threats facing US telecoms, at least nine of which were recently breached by China's Salt Typhoon hackers. Meanwhile, US officials are still struggling to get a handle on multiple spying campaigns and other data breaches, with new revelations this week over the AT&T breach disclosed last summer FBI call and text logs compromised could reveal identities of anonymous sources,
Huon Guarantee, a giant online marketplace that researchers say provides a range of services to online scammers, is expanding its offerings Messaging app, stablecoin and crypto exchange have facilitated $24 billion worth of transactionsAccording to new research. New findings indicate that GitHub's efforts to crack down on the use of deepfake porn software are failingAnd WIRED took a deeper dive into it The opaque world of predictive travel monitoring and the companies and governments pumping out data The AI tool aims to detect people who may be a “threat” among international travelers.
But wait, there's more! Each week, we round up security and privacy news that we haven't covered in depth ourselves. Click on titles to read full stories. And stay safe there.
China spies, America spies, everyone spies. Mutual espionage is a geopolitical game played by almost every country in the world. So when the US government singles out a single hacker for an espionage-focused intrusion, names him and targets him with sanctions, he must have spied aggressively or effectively – which can greatly anger the powerful. Must have given.
The US Treasury on Friday imposed sanctions on Yin Kecheng, a 39-year-old Chinese man accused of involvement in the breach of nine US telecommunications companies, as well as a more recent breach by a Chinese hacker group called Salt Typhoon. US treasury. In a statement about the news, Treasury alleged that Yin is affiliated with China's Ministry of State Security and has been a “cyber actor” for more than a decade. It also imposed sanctions on Sichuan Juxinhe Network Technology, a company that Treasury says is also linked to Typhoon Salt.
The breach of US telecoms by Typhoon Salt gave Chinese hackers massive access to Americans' real-time texts and phone calls, and reportedly used it to target President-elect Donald Trump and Vice President-elect Trump, among other targets. Was meant to spy on JD Vance. FBI Director Christopher Wray called The telecom was breached in China's “most significant cyber espionage campaign in history”.
As Treasury cracks down on China's spying operations, it is still working to determine the scope of the intrusions into its networks by the same hackers. An internal Treasury report obtained by Bloomberg found that hackers had penetrated at least 400 of the agency's PCs and stolen more than 3,000 files in the recent breach. The report found that espionage-focused intrusions followed sanctions and law-enforcement-related information, as well as other intelligence materials. Despite that broad access, the intruders did not gain access to Treasury's email or classified parts of its network, nor did they leave malware that would suggest an effort to maintain long-term access, the report said.
The Justice Department revealed this week that the FBI conducted an operation to remove a sample of malware called PlugX from 4,200 computers around the world. The malware, which typically spread to computers via infected USB drives, has been around for at least a decade and has been used at various times by Chinese state-sponsored hacker groups to target Chinese dissidents. In July last year, cybersecurity firm Sequoia and French law enforcement took over the command-and-control server behind the malware. This week, the FBI obtained a court order that allowed the bureau to send self-destruct orders to software on infected machines.
Following news earlier this week of a cyberattack in December that breached the US education technology platform PowerSchool, the school districts targeted in the intrusion told TechCrunch on Thursday that the attackers accessed “all” of student and teacher data stored in their accounts. Have gained access to the data. PowerSchool is used by more than 60 million K-12 students in the US. The hackers gained access to the information by stealing login credentials, which gave them access to the company's customer support portal. The attack has not yet been publicly linked to any specific perpetrator. PowerSchool has not yet disclosed the exact number of affected schools nor said whether all of its customers were affected.