Category Archives: Technology Lab

Stealthy Google Play apps recorded calls and stole e-mails and texts

Posted on July 27, 2017 by Dan Goodin

Company expels 20 advanced surveillance apps installed on ~100 devices. Continue reading Stealthy Google Play apps recorded calls and stole e-mails and texts→

Microsoft expands bug bounty program to cover any Windows flaw

Posted on July 26, 2017 by Peter Bright

Now every part of Windows is covered by a bug bounty scheme. Continue reading Microsoft expands bug bounty program to cover any Windows flaw→

Mac malware that went undetected for years spied on everyday users

Posted on July 24, 2017 by Dan Goodin

Surveillance malware dubbed Fruitfly was easy to spot but flew under the radar anyway. Continue reading Mac malware that went undetected for years spied on everyday users→

Google drops the boom on WoSign, StartCom certs for good

Posted on July 20, 2017 by Sean Gallagher

Citing “certificate misissuance,” Google to expire all certs from offenders by September. Continue reading Google drops the boom on WoSign, StartCom certs for good→

FCC has no documentation of DDoS attack that hit net neutrality comments

Posted on July 20, 2017 by Jon Brodkin

Records request denied because FCC made no “written documentation” of attack. Continue reading FCC has no documentation of DDoS attack that hit net neutrality comments→

FBI-DHS “amber” alert warns energy industry of attacks on nuke plant operators

Posted on July 7, 2017 by Sean Gallagher

Spear-phishing e-mails with malicious fake resumes targeted plant engineers. Continue reading FBI-DHS “amber” alert warns energy industry of attacks on nuke plant operators→

Backdoor built in to widely used tax app seeded last week’s NotPetya outbreak

Posted on July 5, 2017 by Dan Goodin

Operation that hit thousands was “thoroughly well-planned and well-executed.” Continue reading Backdoor built in to widely used tax app seeded last week’s NotPetya outbreak→

No evidence NotPetya developers obtained NSA exploits weeks before their public leak

Posted on June 30, 2017 by Dan Goodin

Evidence ties people behind massive malware attack to mysterious Shadow Brokers group. Continue reading No evidence NotPetya developers obtained NSA exploits weeks before their public leak→

Tuesday’s massive ransomware outbreak was, in fact, something much worse

Posted on June 28, 2017 by Dan Goodin

Payload delivered in mass attack destroys data, with no hope of recovery. Continue reading Tuesday’s massive ransomware outbreak was, in fact, something much worse→

Microsoft bringing EMET back as a built-in part of Windows 10

Posted on June 27, 2017 by Peter Bright

The built-in exploit mitigations are getting stronger and easier to configure. Continue reading Microsoft bringing EMET back as a built-in part of Windows 10→