Odds and Ends 

Cloudflare reportedly gearing up for a $3.5 billion IPO next year

Cloudflare is reportedly preparing for an initial public offering with a potential valuation of more than $3.5 billion. According to Reuters, the IPO would take place in the first half of 2019 and be led by Goldman Sachs. This year is expected to be a strong one for cybersecurity stock debuts, thanks in part to increasing awareness of, and demand for, security and privacy services. Another cybersecurity startup said to be prepping for an IPO is CrowdStrike, which raised $200 million earlier this year on a valuation of $3 billion.…

Read More
Headlines 

Phone Numbers Were Never Meant as ID. Now Were All At Risk

On Thursday, T-Mobile confirmed that some of its customer data was breached in an attack the company discovered on Monday. It's a snappy disclosure timeframe, and the carrier said that no financial data or Social Security numbers were compromised in the breach. A relief, right? The problem is the customer data that was potentially exposed: name, billing zip code, email address, some hashed passwords, account number, account type, and phone number. Pay close attention to that last one. The cumulative danger of all of these data points becoming exposed—not just…

Read More
Headlines 

Taking Away John Brennan’s Clearance Threatens National Security

In a move that has shocked career national security officials, President Trump stripped former CIA Director John Brennan of his security clearance this week, and announced he was considering doing so for a host of others. The move so enraged retired Navy Admiral William McRaven—the man who oversaw the killing of Osama Bin Laden—that he wrote an op-ed telling Trump to revoke his clearance too, in solidarity with Brennan. But what the general public might not realize is that cutting off Brennan and others has more than just symbolic cost.…

Read More
Headlines 

Security News This Week: Surprise, the FCC Lied About That DDoS Attack

It’s Black Hat and DefCon conference time again, when the world’s top security researchers descend on the den of iniquity that is Las Vegas in August and try to scare the bejeezus out of people with new research into ominous hacks. Hooray! WIRED’s been there for a few days already. Lily Hay Newman discovered that several mobile credit card readers are rife with bugs, potentially leaving you exposed. She also reports that researchers found a way to hack new Mac computers right out of the box, and the hubs that…

Read More
Headlines 

Millions of Android Devices Are Vulnerable Right Out of the Box

Security meltdowns on your smartphone are often self-inflicted: You clicked the wrong link, or installed the wrong app. But for millions of Android devices, the vulnerabilities have been baked in ahead of time, deep in the firmware, just waiting to be exploited. Who put them there? Some combination of the manufacturer that made it, and the carrier that sold it to you. That’s the key finding of new analysis from mobile security firm Kryptowire, which details troubling bugs preloaded into 10 devices sold across the major US carriers. Kryptowire CEO…

Read More
Headlines 

The Elite Microsoft Hacker Team That Keeps Windows PCs Safe

“Windows is still the central repository of malware and exploits. Practically, there’s so much business done around the world on Windows. The attacker mentality is to get the biggest return on investment in what you develop in terms of code and exploits,” says Aaron Lint, who regularly works with red teams in his role as chief scientist at application protection provider Arxan. “Windows is the obvious target.” “In most browser attacks, you first need to compromise what’s called the browser sandbox, and then you need a way out of that…

Read More
Headlines 

How NATO Defends Against the Dark Side of the Web

"Oops, your files have been encrypted!" This was the chilling message that greeted hundreds of thousands of computer users last summer. The WannaCry ransomware attack brought production to a standstill at Renault factories across France, put lives at risk by attacking hospitals in the UK, and cost companies around the world billions of dollars in lost revenue. WIRED OPINION ABOUT Jens Stoltenberg (@jensstoltenberg) is NATO secretary general and the former prime minister of Norway. The digital revolution has transformed our lives for the better. But this revolution has a dark…

Read More
Headlines 

A Georgia Hacking Bill Gets Cybersecurity All Wrong

In March, the Georgia State General Assembly passed a bill that would make it illegal to access a computer or network "without authority." Georgia Governor Nathan Deal has until Tuesday to decide whether to sign it into law or veto it. The 40-day limbo has morphed from a bureaucratic formality, though, into a heated debate with national implications. In just 43 lines, the bill raises fundamental questions about how to establish boundaries in cyberspace without hindering vital security research and, crucially, the ethics of "hacking back," in which institutions that…

Read More
Headlines 

The White House Loses Its Cybersecurity Brain Trust

Today, the White House confirmed that cybersecurity coordinator Rob Joyce will head back to the National Security Agency, where he previously ran the nation’s top hacking team. His departure comes just a week after Tom Bossert, Trump’s cybersecurity czar and Joyce’s boss, was forced out—and leaves the administration without two trusted voices on one of the most important challenges the US faces going forward. While Bossert’s exit appears to have been engineered by recently installed national security advisor John Bolton, Reuters reports that Joyce will leave of his own accord.…

Read More
Headlines 

Army of 01101111: The Making of a Cyber Battalion

Satellite dishes mark the main gate of Fort Gordon, eggshell white and lasering up at the moon. It’s a modest shrine, as these things go. Many military bases put machines of might on the front porch—tanks or helos or jumbo artillery guns—but the dishes fit Fort Gordon just fine. They’re subtle. They’re quiet. Inside the gates it’s more of the same. Fort Gordon sits in a soft Georgian basin, the traditional home of the US Army Signal Corps. Signal has been around since the Civil War and has long been…

Read More
Headlines 

How to make sure sketchy Facebook apps aren’t spying on you

Image: Vicky Leta/Mashable Over the years, you’ve probably logged into a lot of services on Facebook without thinking about how those services use your data. Some of those services may have leveraged your data to undermine the very foundations of American democracy. Hard to say! New reports from the Guardianand New York Timesreveal how a Trump-aligned data-gathering service called Cambridge Analytica “exploited” information from millions of people in the lead-up to the 2016 election. It was pretty simple: The firm created a personality test app called “thisisyourdigitallife,” and people opted…

Read More
Headlines 

Worldwide Threats Briefing: 5 Takeaways, From Russia to China

On Tuesday, the heads of the NSA, CIA, FBI, and ODNI—America's intelligence community brain trust—gathered before members of the Senate Select Committee on Intelligence to discuss various worldwide threats. And while most of the topics were familiar, the hearing also included a few revelatory moments, insights into fears that were either detailed or confirmed. The following doesn't comprise every single morsel shared by NSA chief Mike Rogers, CIA head Mike Pompeo, FBI director Christopher Wray, and Director of National Intelligence Dan Coats on Tuesday. But it does take a closer…

Read More
Headlines 

Cryptojackers used YouTube ads to secretly mine cryptocurrency

Image: Peter Dazely / Getty Images YouTube is turning passive viewers into cryptocurrency miners, and Google isn’t happy. The issue became apparent earlier in the week as complaints surfaced on social media claiming that YouTube ads were raising red flags in anti-virus software. A service called Coinhive was hijacking a viewer’s CPU and using its power to mine crypto. SEE ALSO: CryptoCelebrities are the newest irritating kid on the blockchain A Friday blog post from Trend Micro, an international cybersecurity company, confirmed the sharp uptick in Coinhive use earlier in…

Read More
Headlines 

Equifax is already facing a major class-action lawsuit for its massive data breach

Image: AP/REX/Shutterstock That didn’t take long. Two Oregon women filed a class action lawsuit against Equifax Thursday evening, just hours after the credit reporting agency revealed a massive data breach that may have compromised personal information belonging to 143 million Americans. SEE ALSO: Bad news for literally anyone with a credit card: there’s a good chance you just got hacked The complaint accuses Equifax of negligence in protecting consumer data, arguing the company chose to skimp on costs rather than take adequate technical measures that might have thwarted hackers. “Equifax…

Read More
Odds and Ends 

Trumps cybersecurity executive order is a good first step

More posts by this contributor: In Communications, Privacy And Security Are Illusions Happy New Year — Unless You’re A Startup A significant piece of cybersecurity news nearly drowned out by the firing of FBI Director James Comey. There aretwo overriding pointsregarding President Trumps executive order (EO) outlining plans to improve data security for federal agencies and to better protect critical U.S. infrastructure. Firstly, this development was truly important a serious call to action to beef up government cybersecurity measures at a time when breaches dominate the headlines and mounting worries about a…

Read More