Cloud “container” defenses have inconsistencies that can give attackers too much access. A new company, Edera, is taking on that challenge and the problem of the male-dominated startup world.

Plus: Apple turns off end-to-end encrypted iCloud backups in the UK after pressure to install a backdoor, and two spyware apps expose victim data—and the identities of people who installed the apps.

The cybersecurity lead for VA.gov was fired last week. He tells WIRED that the Veterans Affairs digital hub will be more vulnerable without someone in his role.

Romance scams cost victims hundreds of millions of dollars a year. As people grow increasingly isolated, and generative AI helps scammers scale their crimes, the problem could get worse.

Plus: Benjamin Netanyahu gives Donald Trump a golden pager, Hewlett Packard Enterprise blames Russian government hackers for a breach, and more.

For much of the past year, the trail of destruction and mayhem left behind by ransomware hackers was on full display. Digital extortion gangs paralyzed hundreds of US pharmacies and clinics through their attack on Change Healthcare, exploited security vulnerabilities in the customer accounts of cloud provider Snowflake to breach a string of high-profile targets, and extracted a record $75 million from a single victim.

Yet beneath those headlines, the numbers tell a surprising story: Ransomware payments actually fell overall in 2024—and in the second half of the year dropped more precipitously than in any six-month period on record.

Cryptocurrency tracing firm Chainalysis today released a portion of its annual crime report focused on tracking the ransomware industry, which found that ransomware victims’ extortion payments totaled $814 million in 2024, a drop of 35 percent compared to the record $1.25 billion that hackers extracted from ransomware victims the previous year. Breaking down the payments over the course of 2024 shows an even more positive trend: Hackers collected just $321 million from July through December compared to $492 million the previous half year, the biggest falloff in payments between two six-month periods that Chainalysis has ever seen.

Read full article

Comments

© Just_Super via Getty

Experts question whether Edward Coristine, a DOGE staffer who has gone by “Big Balls” online, would pass the background check typically required for access to sensitive US government systems.

The dismantling of USAID by Elon Musk's DOGE and a State Department funding freeze have severely disrupted efforts to help people escape forced labor camps run by criminal scammers.

Ransomware gangs continued to wreak havoc in 2024, but new research shows that the amounts victims paid these cybercriminals fell by hundreds of millions of dollars.

Security researchers tested 50 well-known jailbreaks against DeepSeek’s popular new AI chatbot. It didn’t stop a single one.

China-based DeepSeek has exploded in popularity, drawing greater scrutiny. Case in point: Security researchers found more than 1 million records, including user data and API keys, in an open database.

Amid ongoing fears over TikTok, Chinese generative AI platform DeepSeek says it’s sending heaps of US user data straight to its home country, potentially setting the stage for greater scrutiny.

Chinese hacks, rampant ransomware, and Donald Trump’s budget cuts all threaten US security. In an exit interview with WIRED, former CISA head Jen Easterly argues for her agency’s survival.

TikTok is now unavailable in the United States—and getting around the ban isn’t as simple as using a VPN. Here’s what you need to know.

Plus: New details emerge about China’s cyber espionage against the US, the FBI remotely uninstalls malware on 4,200 US devices, and victims of the PowerSchool edtech breach reveal what hackers stole.

A breach of AT&T that exposed “nearly all” of the company’s customers may have included records related to confidential FBI sources, potentially explaining the bureau’s new embrace of end-to-end encryption.

Huione Guarantee, a gray market researchers believe is central to the online scam ecosystem, now includes a messaging app, stablecoin, and crypto exchange—while facilitating $24 billion in transactions.

Plus: The FBI discovers a historic trove of homemade explosives, new details emerge in China’s hack of the US Treasury Department, and more.

Your messages going back years are likely still lurking online, potentially exposing sensitive information you forgot existed. But there's no time like the present to do some digital decluttering.

Treasury says hackers accessed “certain unclassified documents” in a “major” breach, but experts believe the attack’s impacts could prove to be more significant as new details emerge.