Topics
Latest
AI
Amazon
Image Credits:Bryce Durbin / TechCrunch
Apps
Biotech & Health
clime
Image Credits:Bryce Durbin / TechCrunch
Cloud Computing
DoC
Crypto
Enterprise
EVs
Fintech
Fundraising
gizmo
punt
Government & Policy
Hardware
layoff
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
certificate
societal
blank
inauguration
TikTok
transportation system
Venture
More from TechCrunch
Events
Startup Battlefield
StrictlyVC
Podcasts
video
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
Since 2018 , along with colleagues first at VICE Motherboard , andnow at TechCrunch , I have been publishing a list at the end of the year highlighting the best cybersecurity taradiddle report by other outlets . Cybersecurity , surveillance , and privacy are huge theme that no one single publication can cover efficaciously on its own . news media is by definition competitive , but also a highly collaborative field . That ’s why it sometimes makes sense to point our reader to other publication and their body of work to ascertain more about these complicated and sprawling beats .
Without further ado , here are our best-loved cybersecurity stories of this year written by our friends at rival vent . — Lorenzo Franceschi - Bicchierai .
AT&T paid a hacker $370,000 to delete a stolen cache of “nearly all” of the company’s phone records
In one of the vainglorious and most brazen mass - hacks in late account , hackers this twelvemonth bust hundreds of unsafe cloud storage news report host by cloud computing company Snowflake , bank on by some of the world ’s declamatory tech and telecommunication companionship . The hacker then give the immense troves of stolen data for ransom money . One victim of the hacks , AT&T , affirm that itlost the call and text records of “ intimately all”of AT&T ’s 110 million customer in the falling out , accounting for more than 50 billion call and text records .
day after AT&T went public with intelligence of its falling out , autonomous security reporterKim Zetterbroke the news thatAT&T had weeks earlier paid a hacker $ 370,000 to delete the huge cache of stolen phone recordsand not publicly unfreeze the data point . Zetter ’s reporting uncovered a major piece in the mystifier of who was behind the intrusions — at the metre recognise only as UNC5537 by Mandiant — and who werelater identify as Connor Moucka and John Binns and indicted for their rolein the peck - thefts from Snowflake ’s customer history . — Zack Whittaker .
Automakers were caught sharing consumers’ driving habits with price-hiking insurance companies
Kashmir Hill ’s latest fact-finding report inThe New York Timesrevealed that car maker are sharing consumers ’ driving behavior and habit with data brokers and insurance companies , which use the data point to hike client rates and premiums , a dystopian use of a driver ’s own information against them . For GM fomite owners , drivers areoften not informedthat inscribe in its Smart Driver lineament would automatically ensue in vehicles sharing their driving use with third - party . The storyprompted a congressional inquiry , which break that the auto manufacturer betray consumers ’ data in some case for simple pennies . — Zack Whittaker .
The CIA sent an officer deep undercover to spy on Islamic radicals. The operation cost him everything.
This is just a fantastic story . If this story was a movie — heck , it should be — it would still be shocking . But the fact that this in reality come about is just incredible . Zach Dorfman pulled off an unbelievable feat of reportage here . Writing about intelligence activity operations is not easy ; by definition , these are say to stay secret forever . And this is not one of those story that the intelligence operation community of interests would secretly be happy to see out there . There ’s nothing to be proud or well-chosen of here . I do n’t require to botch up this story in any way , you just have to read it . It ’s that good . — Lorenzo Franceschi - Bicchierai .
Crypto’s legacy is finally clear, per Charlie Warzel
This is not purely a cybersecurity history , but in some ways crypto has always been part of hack civilisation . Born as a libertarian pipe aspiration , it ’s been clear for a few yearsthat Bitcoin and all its crypto offshoots have nothing to do with what Satoshi Nakamoto , the mystic inventor of the cryptocurrency and blockchain technology , imagined back in 2008 in his founding newspaper on Bitcoin . Now , crypto has become a tool for the far - right to maintain their big businessman , as Charlie Warzel explain very well in this piece . — Lorenzo Franceschi - Bicchierai .
Hackers scored a record ransom payment of $75 million for Cencora’s data breach
Bloomberg ’s Katrina Manson get the scoop that nobody else could : Drug distributorCencora paid a $ 75 million ransom money to an extortion gangnot to free sensitive personal and medical - link data on upwards of around 18 million people take after an earlier cyberattack . Cencora was hack in February , but steadfastly and continually refused to say how many individual had their information steal — even though world filingsshowed up of 1.4 million feign someone and rise . TechCrunch had been furrow this narrative about the alleged ransom payment for some time ( and we were n’t the only ones ! ) after pick up grumble that Cencora had make up what is believe to be the bighearted ransomware payment to appointment . Bloomberg ’s Manson got the details on the bitcoin transaction and confirmed the ransom payments . — Zack Whittaker .
The hack behind a cyberattack against the drug distributor Cencora Inc. receive a sum of $ 75 million , the largest eff cyber extortion defrayment ever made , according to people familiar with the matter.https://t.co/ZLf3piC8ou
How merciless attacks by ransomware gangs bleed small companies dry
I ’ve covered ransomware for twelvemonth , and while the hackers behind these data - theft attacks are often willing to talk , the victims of these attack typically are n’t so swell to afford up . Bloomberg ’s Ryan Gallagher achieve the near - impossible by getting the U.K.-based delivery party Knights of Old toreveal all about a ransomware attackthat resulted in the company shutter after 158 class in business . Paul Abbott , Knights ’ atomic number 27 - owner , spoke frankly about the attack , give reader a coup d’oeil into the devastation induce by the Russia - linked hacking ring . Abbott revealed how — and why — the troupe decided not to talk terms , resulting in the publishing of more than 10,000 inner documents . This passing water , Abbot disclosed , meant the caller could not secure a loan or deal the company , forcing it to close its doors for near . — Carly Page .
Inside the U.S. government-bought tool that can track phones at abortion clinics
404 medium has absolutely been killing it in the year or so after it establish . There have been plenty of great stories but this one stood out for me . Here , Joseph Cox and other journalists received the same dataset , and he modishly decided to focus on one major issue in his history : How cellphone location could assist identify people visiting abortion clinics . With Donald Trump revert to the White House , and the Republican Party verify all offset of political science , it is potential that we will see further challenges to abortion right and access , making this kind of surveillance especially dangerous . — Lorenzo Franceschi - Bicchierai .
Meet ZachXBT, the masked vigilante tracking down billions in crypto scams and thefts
I have been cut through crypto hack and heists on and off for a few years now . It is a fascinating earthly concern full of grifter , defrauder , cyberpunk — and dogged investigators . One of the most intriguing characters is a man who goes by the grip ZachXBT . For year , he has been unraveling some of the most intricate crypto mysteries , cab , heist , scams , and money laundering operation . This yr , Andy Greenberg at Wired did a great business profiling ZachXBT . And even if Greenberg could n’t discover the investigator ’s actual - public identity and withheld a lot of identifying information , the tarradiddle paint a vivid picture of the researcher and his motivations . — Lorenzo Franceschi - Bicchierai .
Since 2021 , crypto sleuth@zachxbthas helped recoup virtually half a billion $ for cozenage / theft dupe . Last calendar month he cracked a $ 243 m heist , the biggest ever to point a single someone . He ’s never break his name or side , but spoke to me for this profile : https://t.co/4UZF28wfM4
The inside story of a firewall vendor’s five-year war with the Chinese hackers hijacking its devices
The WSJ revealed a massive China-linked hack targeting U.S. phone and internet giants
The Salt Typhoon hack of U.S. telephone set and net giant will not only go down as one of the biggest cybersecurity stories of 2024 , but also as one of the biggest hacks in account . The Wall Street Journal impressively got the scoop on this story , account in October that Salt Typhoon , a Chinese government - back up hacking group , had penetrated the networks of a belt of U.S. telecom supplier to get at information from systems the federal governing uses for court - authorized web wiretapping requests . The WSJ ’s first-class coverage kickstarted calendar month of follow - ups and prompted action from the U.S. government , which has sinceurged Americans to switch to encrypted messaging apps , such as Signal , to derogate the risk of have their communications stop . — Carly Page .
The underground site where “neural networks” churn out fake IDs capable of enabling fraud
KYC , or “ know your customer ” checks , are some of the most trust upon techniques that banks and tech fellowship use to seek to confirm it is in fact you they are dealing with . KYC affect looking at your driver ’s license , recommendation , or other sort of ID , and checking — to the greatest degree potential — the genuineness of the document . But while pretender and forgeries are inevitable , generative AI models are rendering these KYC checks totally useless . 404 Media explored theunderground website where “ neuronal networks ” churn out phony IDs at speed , which was a brilliant way to divulge how easy it is to generate phony Idaho on the tent-fly that are capable of enable depository financial institution humbug and criminal money laundering . The sitewent offlinefollowing 404 Media ’s reporting . — Zack Whittaker .
novel : inside the clandestine land site where " neural net " moil out fake IDs – I examine , made two IDs in minutes – used one to successfully bypass the indistinguishability verification check on a cryptocurrency exchange – massive implications for criminal offence , cybersecurityhttps://t.co/hCjHWbKJPfpic.twitter.com/sd8ofmdEOE
