Security News

A federal judge in New York on Monday declared a mistrial in the case of a former CIA software engineer who was accused of stealing a massive trove of the agency's classified hacking and tools and leaking it to WikiLeaks whistleblower website. Schulte, who designed hacking tools and malware for both the CIA and NSA to break into adversaries computers, was arrested in August 2017 and initially charged with possession and transportation of child pornography.

A federal judge in New York on Monday declared a mistrial in the case of a former CIA software engineer who was accused of stealing a massive trove of the agency's classified hacking and tools and leaking it to WikiLeaks whistleblower website. Schulte, who designed hacking tools and malware for both the CIA and NSA to break into adversaries computers, was arrested in August 2017 and initially charged with possession and transportation of child pornography.

The Social Network chalked up an easy win this week when a US court issued a default notice in its favor against Israeli spyware builder NSO group. Facebook filed suit back in 2019, alleging NSO developed code for exploits in acquired crypto chat app WhatsApp.

The fate of the man accused of leaking top-secret CIA hacking tools - software that gave the American spy agency access to targets' phones and computer across the world - is now in the hands of a jury. Joshua Schulte stands accused of stealing the highly valuable materials directly from the CIA's innermost sanctum and slipping them to WikiLeaks to share with the rest of the planet.

Airline pilots faced with hacked or spoofed safety systems tend to ignore them - but could cost their airlines big sums of money, an infosec study has found. The team, who presented their paper at the NDSS infosec symposium, found that while their attacks against these systems "Created significant control impact and disruption through missed approaches", all pilots in the study were able to cope and land their simulated aircraft safely.

Qihoo 360, one of the most prominent cybersecurity firms, today published a new report accusing the U.S. Central Intelligence Agency to be behind an 11-year-long hacking campaign against several Chinese industries and government agencies. The claims made by the company are based on the evidential connection between tools, tactics, and procedures used by a hacking group, dubbed 'APT-C-39' against Chinese industries, and the 'Vault 7' hacking tools developed by the CIA. As you may remember, the massive collection of Vault 7 hacking tools was leaked to the public in 2017 by the whistleblower website Wikileaks, which it received from Joshua Adam Schulte, a former CIA employee who is currently facing charges for leaking classified information.

Speaking at the RSA Conference 2020 on Thursday, security technologist Bruce Schneier called for a better cooperation between security experts and government policymakers. From education systems to election structures, society is built on conventional "Models" that made sense when they were first formed hundreds of years ago, said Schneier, a lecturer at the Harvard Kennedy School.

HackerOne announced findings from the 2020 Hacker Report, which reveals that the concept of hacking as a viable career has become a reality, with 18% describing themselves as full-time hackers, searching for vulnerabilities and making the internet safer for everyone. The annual report is a study of the bug bounty and vulnerability disclosure ecosystem, detailing the efforts and motivations of 3,150 hackers from over 120 countries who successfully reported one or more valid security vulnerabilities on HackerOne.

An apparent ransomware attack on an accounting firm in December exposed the patient data of Community Care Physicians, a large upstate New York medical group, as well as other clients of the firm. Some of the data that was breached as a result of the attack on Albany, New York-based BST & Co. CPAs LLC has shown up on the publicly accessible website of ransomware gang Maze, which purportedly names and shames victims into paying ransoms, says Brett Callow, a threat analyst with the security firm Emsisoft.

A newly identified hacking group has been targeting gambling companies in Asia, the Middle East and Europe, using backdoors to steal source code and other data, according to new research from security firm Trend Micro. The APT group was first discovered in the summer of 2019 by the consultancy Talent-Jump Technologies, which was conducting an incident response operation for a client located in the Philippines when it came across a never-before-seen backdoor connected to these hackers, according to the Trend Micro report.