The Wayback Machine - https://web.archive.org/web/20140313113027/http://news.cnet.com:80/security/
Security & Privacy - The latest security news - CNET News

Security & Privacy

Google fixes 7 Chrome security holes just before CanSecWest

Google has fixed seven security flaws in Chrome, just a day before the annual, real-time hacking competitions Pwnium and Pwn2Own.

The new security update for Chrome on Windows, Mac, and Linux patched four flaws labeled as High, below the more important level of Critical; three flaws in its rendering engine V8; and updated its internal version of Flash Player.

Three High-level vulnerabilities were found by three independent researchers, who earned a total of $8,000 for their work. The last High-level vulnerability was discovered by Google employees, as were the V8 vulnerabilities.

[$4000][344881] High CVE-2014-1700: Use-after-free in speech. Credit … Read more

NSA system designed to attack 'millions' of computers -- report

Through an operation called Turbine, the NSA crafted an automated system designed to hack "millions" of computers, new documents from Edward Snowden's leaks on government surveillance reveal.

According to documents published by The Intercept on Wednesday, Turbine created "implants" that let it gain access to people's computers. Getting the implants onto machines involved an array of deceptions: fake Facebook Web pages, spam emails with malicious links, and man-in-the-middle attacks that would "shoot" bogus data at a target's computer when the NSA detected it was visiting a Web site the NSA could spoof. … Read more

DDoS attack is launched from 162,000 WordPress sites

With some old-fashioned trickery, hackers were able to get more than 162,000 legitimate WordPress-powered Web sites to mount a distributed-denial-of-service attack against another Web site, security researchers said Monday.

Security firm Sucuri said hackers leveraged a well-known flaw in WordPress that allows an attack to be amplified by harnessing unsuspecting Web sites. It's unclear which site was the victim of the cyberattack, but Sucuri said it was a "popular WordPress site" that went down for many hours.

"It was a large HTTP-based (layer 7) distributed flood attack, sending hundreds of requests per second to their … Read more

Feinstein excoriates CIA for spying on Senate committee

Senator Dianne Feinstein is not a fan of government surveillance, at least when it's directed at the Senate Intelligence Committee.

The California senator, who has been the chair of the committee since 2009, said on Tuesday that the Central Intelligence Agency improperly monitored an independent computer network created for Congress to investigate allegations of torture and abuse in a detention and interrogation program from the George W. Bush administration.

Feinstein went public with the allegations after the CIA ignored letters from her on January 17 and January 23 that demanded an explanation and an apology.

She said in a … Read more

200M consumer records exposed in Experian security lapse

An ongoing investigation has revealed that a Vietnamese man posing as a private investigator was able to dupe Experian into compromising data that could equate to millions of customer records.

Last year, Krebs on Security published a story documenting the tale of 24-year-old Vietnamese national Hieu Minh Ngo, the founder of an online identity theft service. Phishing campaigns, breaking into systems, keylogging software -- these are all ways to snatch someone's personal, financial data, but what if you can go to an agency source and simply buy the information you want instead?

Ngo, posing as a private … Read more

In most-anticipated SXSW talk in years, Snowden fires up Austin

AUSTIN, Texas -- And on Monday, Edward Snowden showed up.

It was perhaps the most-anticipated South by Southwest Interactive talk since Mark Zuckerberg gave a keynote speech in 2008: Snowden appearing live, by teleconference, from Russia.

And though today's talk lacked the fireworks that erupted during Zuckerberg's onstage interview with Sarah Lacy, there's little doubt that the 5,000 people in the room -- plus thousands more in two nearby overflow rooms and those watching a livestream online -- were hanging on Snowden's every word. Indeed, despite reports that Dunham's talk was more popular (as … Read more

Snowden at SXSW: The NSA set fire to the future of the Internet

Edward Snowden accused the National Security Agency and the US government today of "setting fire to the future of the Internet."

In a high-profile video appearance at the South by Southwest festival -- his video was beamed over Google Hangout from Russia to Austin, Texas, apparently jokingly through "seven proxies" -- Snowden touched on myriad topics, ranging from privacy to the ramifications of government spying, as he answered questions from the Internet at large via Twitter.

"The NSA...they're setting fire to the future of the Internet. And the people in this room, you … Read more

EU's Neelie Kroes: 'Snowden gave us a wake-up call'

Neelie Kroes, vice president of the European Commission, reflected on Edward Snowden's leaks on Monday at the CeBit Global Conference, saying that the world should learn from them.

"Snowden gave us a wake-up call," she said, according to Recode. "Let's not snooze through it."

Kroes spent her time at CeBit discussing the reality that cyberwarfare and spying are a part of the digital world. She cautioned, however, that it's time for the world to determine how to find a proper balance between data-gathering and protecting privacy.

"Say yes to protection but no … Read more

WikiLeaks' Julian Assange: NSA critics got lucky because agency had no PR strategy

AUSTIN, Texas -- National security reporters are a new kind of political refugee, but for the first time they've had an extremely powerful opponent without an effective public relations strategy.

Those were two of the main points delivered by WikiLeaks founder Julian Assange during a teleconference interview at South by Southwest today.

Assange, speaking over Skype from the Ecuadorian Embassy in London, said that while the Internet had, over the last few years, been co-opted by the US National Security Agency, the Pentagon, and other government organizations in what could amount to the "most aggressive form of state surveillance" ever created, … Read more

Microsoft plans to patch critical Windows, IE bugs next week

Microsoft has marked two of the five security updates it plans to release next week as "critical," including one that addresses a vulnerability in Internet Explorer that is currently being exploited in the wild.

One of the updates announced in a security bulletin Thursday will patch a flaw in IE 10 -- discovered last month by security company FireEye -- being exploited by attack code found on the Veterans of Foreign Wars' Web site. Security firm Websense reported finding similar code exploiting the same flaw on the compromised Web site of a French aerospace association, indicating there was … Read more