Dan Goodin
CRITIC
img-contested
N/A
0 reviews
PUBLIC
img-contested
N/A
2 reviews
RECENT ARTICLES
gold-cheese83%
Advisories: “Brazen” Russian ransomware hackers target hundreds of US hospitals

Russian hackers are targeting hundreds of US hospitals and healthcare providers just as the Corona Virus is making a comeback and the US presidential election is in its final stretch, officials from three government agencies and the private sector are warning. The hackers typically use the TrickBot network of infected computers to penetrate the organizations and after further burrowing into their networks deploy Ryuk, a particularly aggressive piece of ransomware, a published by the FBI, Health and Human Services, and the Cybersecurity & Infrastructure Security agency said. “CISA, FBI, and...

arstechnica.com
Dan Goodin
1d ago
gold-cheese83%
Study shows which messengers leak your data, drain your battery, and more

Link previews are a ubiquitous feature found in just about every chat and messaging app, and with good reason. They make online conversations easier by providing images and text associated with the file that’s being linked. Unfortunately, they can also leak our sensitive data, consume our limited bandwidth, drain our batteries, and, in one case, expose links in chats that are supposed to be end-to-end encrypted. Among the worst offenders, according to , were messengers from Facebook, Instagram, LinkedIn, and Line. More about that shortly. First a brief discussion of previews. When a sender...

arstechnica.com
Dan Goodin
3d ago
gold-cheese83%
Hackers behind life-threatening attack on chemical-maker are sanctioned

Russian state nationals accused of wielding life-threatening malware specifically designed to tamper with critical safety mechanisms at a petrochemical plant are now under sanction by the US Treasury Department. The attack drew considerable concern because it’s the first known time hackers have used or injury, a prospect that may have actually happened had it not been for a lucky series of events. The hackers—who have been linked owned by the Russian government—have also and been caught . Now the Treasury Department is sanctioning the group, which is known as the State Research Center of the...

arstechnica.com
Dan Goodin
6d ago
gold-cheese83%
Trickbot—the for-hire botnet Microsoft attacked—is scrambling to stay alive

Operators of Trickbot—a for-hire botnet that has infected more than 1 million devices since 2016—are looking for new ways to stay afloat after Microsoft and a host of industry partners last week. In an , Microsoft Corporate VP for Security & Trust Tom Burt said the operation initially managed to take down 62 of the 69 servers Trickbot was known to be using to control its vast network of infected devices. Trickbot operators responded by quickly spinning up 59 new servers, and Microsoft was able to eliminate all of them except for one. In all, the industrywide operation has taken down 120 of...

arstechnica.com
Dan Goodin
Oct 21
gold-cheese83%
Adblockers installed 300,000 times are malicious and should be removed now

Adblocking extensions with more than 300,000 active users have been surreptitiously uploading user browsing data and tampering with users’ social media accounts thanks to malware its new owner introduced a few weeks ago, according to technical analyses and posts on Github. Hugo Xu, developer of the Nano Adblocker and Nano Defender extensions, that he no longer had the time to maintain the project and had sold the rights to the versions available in Google’s Chrome Web Store. Xu told me that Nano Adblocker and Nano Defender, which often are installed together, have about 300,000 installations...

arstechnica.com
Dan Goodin
Oct 20
gold-cheese83%
Six Russians accused of the world’s most destructive hacks indicted

Six men accused of carrying out some of the world's most destructive hacks—including the NotPetya disk wiper and power grid attacks that knocked out electricity for hundreds of thousands of Ukrainians—have been indicted in US federal court. The indictment said that all six men are officers in a brazen hacker group best known as Sandworm, which works on behalf of Unit 74455 of the Russian Main Intelligence Directorate, abbreviated from Russian as GRU. The officers are behind the "most disruptive and destructive series of computer attacks ever attributed to a single group," prosecutors said....

arstechnica.com
Dan Goodin
Oct 19
gold-cheese83%
Hackers are using a severe Windows bug to backdoor unpatched servers

One of the most critical Windows vulnerabilities disclosed this year is under active attack by hackers who are trying to backdoor servers that store credentials for every user and administrative account on a network, a researcher said on Friday. Zerologon, as the vulnerability has been dubbed, gained widespread attention last month when the firm that discovered it said it could give attackers , which admins use to create, delete, and manage network accounts. Active directories and the domain controllers they run on are among the most coveted prizes in hacking because once hijacked, they...

arstechnica.com
Dan Goodin
Oct 16
gold-cheese83%
Undocumented backdoor that covertly takes snapshots found in kids’ smartwatch

A popular smartwatch designed exclusively for children contains an undocumented backdoor that makes it possible for someone to remotely capture camera snapshots, wiretap voice calls, and track locations in real time, a researcher said. The X4 smartwatch is marketed by Xplora, a Norway-based seller of children’s watches. The device, which sells for about $200, runs on Android and offers a range of capabilities, including the ability to make and receive voice calls to parent-approved numbers and to send an SOS broadcast that alerts emergency contacts to the location of the watch. A separate...

arstechnica.com
Dan Goodin
Oct 12
gold-cheese83%
FBI/DHS: Government election systems face threat from active Zerologon exploits

The FBI and the cybersecurity arm of the Department of Homeland Security said they have detected hackers exploiting a critical Windows vulnerability against state and local governments and that, in some cases, the attacks are being used to breach networks used to support elections. Members of unspecific APTs—the abbreviation for advanced persistent threats—are exploiting a Windows vulnerability dubbed Zerologon. It gives attackers who already have a toehold on a vulnerable network that administrators use to allocate new accounts and manage existing ones. To gain initial access, the attackers...

arstechnica.com
Dan Goodin
Oct 10
gold-cheese83%
Apple pays $288,000 to white-hat hackers who had run of company’s network

For months, Apple’s corporate network was at risk of hacks that could have stolen sensitive data from potentially millions of its customers and executed malicious code on their phones and computers, a security researcher said on Thursday. , a 20-year-old researcher who specializes in website security, said that, in total, he and his team found 55 vulnerabilities. He rated 11 of them critical because they allowed him to take control of core Apple infrastructure and from there steal private emails, iCloud data, and other private information. The 11 critical bugs were: Apple promptly fixed the...

arstechnica.com
Dan Goodin
Oct 8
gold-cheese83%
Now you can enforce your privacy rights with a single browser tick

Anyone who remembers Do Not Track—the initiative that was supposed to allow browser users to reclaim their privacy on the Web—knows it was a failure. Not only did websites ignore it, using it arguably made people less private because it made them stick out. Now, privacy advocates are back with a new specification, and this time they’ve brought the lawyers. Under the hood, the specification, known as Global Privacy Control, works pretty much the same way Do Not Track did. A small HTTP header informs sites that a visitor doesn’t want their data sold. The big difference this time is the...

arstechnica.com
Dan Goodin
Oct 8
gold-cheese83%
DHS warns that Emotet malware is one of the most prevalent threats today

The malware known as Emotet has emerged as “one of the most prevalent ongoing threats” as it increasingly targets state and local governments and infects them with other malware, the cybersecurity arm of the Department of Homeland Security said on Tuesday. Emotet was first identified in 2014 as a relatively simple trojan for stealing banking account credentials. Within a year or two, it had reinvented itself as a formidable downloader or dropper that, after infecting a PC, installed other malware. The Trickbot banking trojan and the Ryuk ransomware are two of the more common follow-ons. Over...

arstechnica.com
Dan Goodin
Oct 7
gold-cheese83%
Charges filed in hack that caused NFL athlete’s nude pics to be posted on Twitter

Federal authorities have accused two men of hacking the email and social media accounts of multiple athletes with the National Football League and the National Basketball Association and either selling or ransoming the credentials for profit. In one case, according to a unsealed on Wednesday, the account compromises resulted in explicit photos of one of the NFL players being posted to his Twitter and Instagram accounts. The complaint didn’t identify the athlete except to call him Victim-1 and to say that he lived in New Jersey and the photos appeared on June 4, 2018. Based on the information,...

arstechnica.com
Dan Goodin
Sep 30
gold-cheese83%
“Joker”—the malware that signs you up for pricey services—floods Android markets

September has been a busy month for malicious Android apps, with dozens of them from a single malware family alone flooding either Google Play or third-party markets, researchers from security companies said. Known as Joker, this family of malicious apps has been attacking Android users since late 2016 and more recently has become one of the most common Android threats. Once installed, Joker apps secretly subscribe users to pricey subscription services and can also steal SMS messages, contact lists, and device information. Last July, researchers said they found Joker lurking in 11 seemingly...

arstechnica.com
Dan Goodin
Sep 28
gold-cheese83%
One of this year’s most severe Windows bugs is now under active exploit

One of the highest-impact Windows vulnerabilities patched this year is now under active exploitation by malicious hackers, Microsoft warned overnight, in a development that puts increasing pressure on laggards to update now. CVE-2020-1472, as the vulnerability is tracked, allows hackers to instantly take control of the Active Directory, a Windows server resource that acts as an all-powerful gatekeeper for all machines connected to a network. Researchers have dubbed the vulnerability Zerologon, because it allows attackers with only minimal access to a vulnerable network to login to the Active...

arstechnica.com
Dan Goodin
Sep 24
gold-cheese76%
A Tip From a Kid Helped Uncover a Slew of Scam Apps

a tip from a child led them to discover aggressive adware and exorbitant prices lurking in and smartphone apps with a combined 2.4 million downloads from the App Store and Google Play. ARS TECHNICA This story originally appeared on , a trusted source for technology news, tech policy analysis, reviews, and more. Ars is owned by WIRED's parent company, Condé Nast. Posing as apps for entertainment, wallpaper images, or music downloads, some of the titles served intrusive ads even when an app wasn’t active. To prevent users from uninstalling them, the apps hid their icon, making it hard to...

wired.com
Dan Goodin
+1
Sep 24
gold-cheese83%
“LokiBot,” the malware that steals your most sensitive data, is on the rise

Federal and state officials are seeing a big uptick in infections coming from LokiBot, an open source DIY malware package for Windows that’s openly sold or traded for free in underground forums. It steals passwords and cryptocurrency wallets, and it can also download and install new malware. In an , the Department of Homeland Security’s Cybersecurity and Infrastructure Agency and the Multi-State Information Sharing & Analysis Center said LokiBot activity has scaled up dramatically in the past two months. The increase was measured by “EINSTEIN,” an automated intrusion-detection system for...

arstechnica.com
Dan Goodin
Sep 22
gold-cheese83%
A tip from a kid helps detect iOS and Android scam apps’ 2.4 million downloads

Researchers said that a tip from a child led them to discover aggressive adware and exorbitant prices lurking in iOS and Android smartphone apps with a combined 2.4 million downloads from the App Store and Google Play. Posing as apps for entertainment, wallpaper images, or music downloads, some of the titles served intrusive ads even when an app wasn’t active. To prevent users from uninstalling them, the apps hid their icon, making it hard to identify where the ads were coming from. Other apps charged from $2 to $10 and generated revenue of more than $500,000, according to estimates from...

arstechnica.com
Dan Goodin
Sep 22
gold-cheese83%
Feds issue emergency order for agencies to patch critical Windows flaw

The US Department of Homeland Security is giving federal agencies until midnight on Tuesday to patch a critical Windows vulnerability that can make it easy for attackers to become all-powerful administrators with free rein to create accounts, infect an entire network with malware, and carry out similarly disastrous actions. Zerologon, as researchers have dubbed the vulnerability, allows malicious hackers to instantly gain unauthorized control of the Active Directory. An Active Directory stores data relating to users and computers that are authorized to use email, file sharing, and other...

arstechnica.com
Dan Goodin
Sep 21
gold-cheese83%
Porn surfers have a dirty secret. They’re using Internet Explorer

They’re back—attacks that use booby-trapped Web ads to install malware on the computers of unsuspecting visitors. So-called malvertising works by paying advertising networks to display banner ads on legitimate websites. Malicious code snuck into the ads then surreptitiously exploits vulnerabilities in browsers or browser plugins. The result: merely browsing to the wrong site infects vulnerable computers with malware that steals banking credentials, logs passwords, or spies on users. Malvertising never went away, but it did become much less common in the past few years. Thanks to dramatic...

arstechnica.com
Dan Goodin
Sep 12
gold-cheese83%
Russian state hackers are targeting Biden and Trump campaigns, MSFT warns

Fancy Bear—the Russian state hacking group that brought you the smash-and-leak attacks on the and , the worldwide, and the —is targeting organizations involved in elections taking place in the US and UK, Microsoft has warned. Over a two-week period last month, the group attempted attacks on more than 6,900 accounts belonging to 28 organizations, Microsoft said. Between September 2019 and last June, Fancy Bear targeted tens of thousands of accounts belonging to employees of more than 200 organizations. The hackers use two techniques—one known as "brute forcing" and the other called "password...

arstechnica.com
Dan Goodin
Sep 11
gold-cheese83%
Revisiting the spectacular failure that was the Bill Gates deposition

When Microsoft backed a key motion filed two weeks ago in , it raised a few eyebrows. Two decades ago, the US Justice Department, 18 states, and the District of Columbia sued Microsoft on allegations the Windows operating system represented a monopoly that the company was wielding to prop up its then fledgling Internet Explorer browser, in violation of the . The suit expressly claimed that Microsoft was using Windows to freeze out the Netscape browser and, more tacitly, Sun Microsystems’ cross-platform Java platform as well. The software maker vehemently bristled at the allegations and...

arstechnica.com
Dan Goodin
Sep 10
gold-cheese83%
Booze and cruise providers are the latest to be hit by ransomware scourge

Ransomware operators are continuing their blitz on corporations with deep pockets, with Jack Daniel’s distiller Brown-Forman and cruise line behemoth Carnival being two of the latest to be hit. In a statement, Brown-Forman officials wrote: Brown-Forman was the victim of a cybersecurity attack. Our quick actions upon discovering the attack prevented our systems from being encrypted. Unfortunately, we believe some information, including employee data, was impacted. We are working closely with law enforcement, as well as world class third-party data security experts, to mitigate and resolve this...

arstechnica.com
Dan Goodin
Aug 18
gold-cheese83%
Hackers can eavesdrop on mobile calls with $7,000 worth of equipment

The emergence of mobile voice calls over the standard known as Long Term Evolution (LTE) has been a boon for millions of cell phone users around the world. VoLTE, short for Voice over LTE, provides up to three times the capacity of the earlier 3G standard, resulting in high-definition sound quality that’s a huge improvement over earlier generations. VoLTE also uses the same IP standard used to send data over the Internet, so it has the ability to work with a wider range of devices. VoLTE does all of this while also providing a layer of security not available in predecessor cellular...

arstechnica.com
Dan Goodin
Aug 13
gold-cheese83%
0days, a failed patch, and a backdoor threat. Update Tuesday highlights

Microsoft on Tuesday patched 120 vulnerabilities, two that are notable because they’re under active attack and a third because it fixes a previous patch for a security flaw that allowed attackers to gain a backdoor that persisted even after a machine was updated. Zero-day vulnerabilities get their name because an affected developer has zero days to release a patch before the security flaw is under attack. Zero-day exploits can be among the most effective because they usually go undetected by antivirus, intrusion prevention systems, and other security protections. These types of attacks...

arstechnica.com
Dan Goodin
Aug 12
OUTLETS
arstechnica.com

CRITIC
img-trusted
82%
PUBLIC
img-trusted
83%
wired.com

CRITIC
img-trusted
91%
PUBLIC
img-trusted
76%