Posting this because the email address is so ridiculous (and yet people probably clicked on it anyway). WSJ published a story yesterday about hackers from China posing as House committee chair Rep. John Moolenaar to send a phishing email to trade groups, law firms and U.S. government agencies. I got hold of the email and the sender address is: johnmoolenaar.mail.house.gov@zohomail.com https://www.wsj.com/politics/national-security/china-trade-talks-spy-5c4801ca
Two years ago, when researchers found and publicly exposed an intentional backdoor in a TETRA encryption algorithm used to secure radio communications for police/military/intel agencies around the world -- the algorithm involved a key advertised as one strength but secretly reduced to 32 bits -- the European organization that produced the algorithm told users that to secure their communications they could deploy an end-to-end encryption solution on top of the backdoored algorithm. Now the same researchers say they found a security problem with the end-to-end solution as well -- another reduced key. Here's my story for Wired:
China's APT cyberspies are some of the best in the business. But how did the hackers get their start? Turns out many were "Honkers" - patriotic hackers in their teens and 20s who, in the late 90s, launched nationalistic cyberattacks against countries they deemed disrespectful to China. But as the Honkers developed their skills over time, the PLA and MSS came calling. In recent years they have been tied to prolific APT groups responsible for hundreds of intrusions in the US and around the world; and some have been indicted. Some of them also launched companies, like i-Soon, that have played an integral role in China's state hacking operations. Here's my story, based on great research from Eugenio Benincasa and Adam Kozy.
The UAE has been trying to recruit Pentagon workers displaced by DOGE to move to Abu Dhabi to work on AI for the UAE's military. A UAE brigadier general met last month with two former staffers of the Defense Digital Service who have worked on US classified projects and tried to recruit them and their entire DDS team to move to Abu Dhabi. The general was apparently given permission by the Pentagon to recruit the members of Defense Digital Service -- who resigned en masse from their jobs last month due to DOGE -- despite warnings last year from US spy agencies and federal lawmakers that the UAE could share AI tech with China and despite the UAE's disturbing history of recruitment of US workers. Remember Dark Matter, when the UAE recruited former NSA operators/analysts to work on cybersecurity jobs only to have them help UAE spy agencies hack other nations, members of the royal family and dissidents and journalists? One of the people from the UAE who assisted with the recruiting of DDS workers has ties to Dark Matter. Here's my story:
Chris Krebs has quit his job at SentinelOne to launch a legal and public relations fight against Trump and the presidential memo he signed against Krebs last week. "Krebs said he understood why some have kept a low profile and tried not to further anger the president. But he said he disagreed with that approach. 'I don't think this lay-low-and-hope-this-blows-over approach is the right one for the moment we're in.'" Miles Taylor, who was also targeted by Trump, said "the memos targeting him and Krebs were 'punishment for dissent' and that he too planned to fight back.... 'How we respond will set the tone inevitably for how others targeted by these EOs decide to respond.'" https://www.wsj.com/politics/policy/chris-krebs-trump-cybersecurity-executive-action-31cb99cb
I wanted to let everyone know that I've updated my story about the "stand down" order a few times since I first published it yesterday. The most recent update includes a statement from a former Cyber Command general counsel who says that "Ordering Cyber Command to stop operating below the use of force is tantamount to ordering Cyber Command to stop operating." I don't always post my stories or updates to my stories here, so the best way to follow anything I publish at Zero Day is to become a subscriber there. You can subscribe for free or -- if you'd like to support my work (which is only funded by readers) -- you can become a paid subscriber.
Two seemingly blockbuster stories published on Friday reported that the Trump admin had ordered US Cyber Command and CISA to "stand down" on their work to detect and counter Russian cyber threats. But new info has come out to contradict the stories or qualify them. I dug into what we know and don't know. As always, if anyone has any additional information related to these stories, please contact me on Signal at KimZ.42.
The National Science Foundation fired nearly 170 workers this morning in a Zoom call. This included workers who had already cleared their one-year probationary period only to have it changed to two years earlier this month, putting them in line for termination. It also included at-will permanent workers -- the latter were not among those designated for firing by the Trump administration; instead NSF decided on its own to eliminate them. Here's my story: