A former L3Harris executive pleads guilty in a US district court to selling eight zero-day exploits to a Russian broker in exchange for millions of dollars
* “at least eight sensitive and protected cyber-exploit components” illegally sold to “a Russian cyber-tools broker” (for ~$1.3m). Obviously at a huge discount, bc super illegal — But separately “[...
Experts say some Trump officials' plans to amp up cyberattacks against China would risk retaliation the US is increasingly unprepared for amid budget cuts
Joseph Menn / Washington Post :
Coinbase says hackers accessed data of a “small subset” of users, but not credentials, expects to incur $180M-$400M in costs, and refuses to pay a $20M ransom
and the investigators who saw it coming Sead Fadilpašić / TechRadar : Personal information leaked in Coinbase cyberattack, cost could be $400 million Bloomberg : Coinbase Hack Could Cost Company $400 ...
Sources: DOGE plans to build a centralized database with troves of personal info about millions of US residents, violating or disregarding security protocols
www.washingtonpost.com/business/ 202... @galetstrong : Federal data is now along the lines of something you might find in The National Enquirer, not actual data. — Donald Trump's Information Warfare...
Researchers detail a “nearest neighbor attack” by Russia's APT28, which remotely breached a target's Wi-Fi by hijacking a laptop in a building across the street
The “Nearest Neighbour attack” (very cool name, btw) involves connecting with nearby organizations and using their Wi-Fi networks to reach the main target organization. … @xpnsec.com : This hack is br...
Apple files to drop its NSO suit, citing Israeli government's alleged seizure of NSO files, and saying Apple's court disclosures may aid NSO and other hackers
Joseph Menn / Washington Post :
Sources: China-linked hackers penetrated deep into two big US ISPs and several smaller ones in recent months, using a zero-day flaw in Versa Networks software
Joseph Menn / Washington Post :
Access Now and Citizen Lab: Russian spy agencies are using deep knowledge about opponents, reporters, and human rights groups to target them via phishing emails
Joseph Menn / Washington Post :
A look at AIxCC, or AI Cyber Challenge, a competition launched in 2023 and run by DARPA to design an AI program that scans open source code for security flaws
Computer scientists brainstorm in Pentagon-backed competition to design an AI program that scans open-source code for flaws bad actors could exploit Mastodon: @JosephMenn@infosec.exchange . Bluesky: @...
A federal judge dismisses a case in which an imprisoned Saudi dissident and his sister, who is a US citizen, accused X of conspiring with the Saudi government
Joseph Menn / Washington Post :