The hackers used the agency’s EpMe exploit to attack Windows devices years before the Shadow Brokers leaked the agency’s zero-day arsenal online.
vulnerabilities
Apple Offers Its Closest Look Yet at iOS and MacOS Security
In its latest Platform Security Guide, Cupertino raised the curtain on the critical features that protect against hackers.
France Ties Russia’s Sandworm to a Multiyear Hacking Spree
A French security agency warns that the destructively minded group has exploited an IT monitoring tool from Centreon.
The Untold History of America’s Zero-Day Market
The lucrative business of dealing in code vulnerabilities is central to espionage and war planning, which is why brokers never spoke about it—until now.
A Windows Defender Flaw Lurked Undetected for 12 Years
Microsoft has finally patched the bug in its antivirus program after researchers spotted it last fall.
A Hacker Tried to Poison a Florida City’s Water Supply
The attacker upped sodium hydroxide levels in the Oldsmar, Florida, water supply to extremely dangerous levels.
A Second SolarWinds Hack Deepens Third-Party Software Fears
It appears that not only Russia but also China targeted the company, a reminder of the many ways interconnectedness can go wrong.
Update Your iPhone and iPad Now If You Haven’t Recently
Plus: A ransomware arrest, a dating site data leak, and more of the week’s top security news.
Apple Fixes One of the iPhone’s Most Pressing Security Risks
By hardening iMessage in iOS 14, the company has effectively cut off what had been an increasingly popular line of attack.
North Korea Targets—and Dupes—a Slew of Cybersecurity Pros
The sweeping campaign took advantage of the collaborative spirit among researchers, with an unknown number of victims.