US Names One of Hackers Suspected Behind Salt Typhoon Breach


As the Biden administration comes to an end, the White House released a 40-page executive order on Thursday aimed at maintaining federal cybersecurity protections and putting guardrails in place for the US government’s use of AI. WIRED also spoke with the US ambassador for cyberspace and digital policy, Nathaniel Fick, about the urgency for the Trump administration not to cede ground to Russia and China in the global race for technical dominance. Outgoing FCC Chair Jessica Rosenworcel details for WIRED the threats facing US telecoms, at least nine of which were recently breached by China’s Salt Typhoon hackers. Meanwhile, US officials are still scrambling to get a handle on various espionage campaigns and other data breaches, with new revelations this week that the AT&T breach disclosed last summer compromised FBI phone and text logs that could reveal the identity of anonymous sources.

Huione Guarantee, the large online marketplace that researchers say provides a variety of services to online scammers, has expanded its offerings to include messaging apps, stablecoins, and crypto exchanges and has facilitated $24 billion in transactions, according to new research. Recent findings suggest that GitHub’s efforts to crack down on the use of deepfake porn software are falling short. And WIRED has taken a deep dive into the opaque world of predictive travel surveillance and the companies and governments pumping data about international travelers into AI tools meant to detect people who might be “threats.”

But wait, there’s more! Every week, we round up security and privacy news that we don’t cover in depth. Click the title to read the full story. And stay safe out there.

China spies, the US spies, everyone spies. Mutual espionage is a geopolitical game played by almost every country in the world. So when the US government singles out one hacker for an espionage-focused intrusion, names him and targets him with sanctions, he must have spied aggressively—or effectively—enough to make powerful people angry. The hacker in this case is Yin Kecheng, a 39-year-old Chinese man accused of participating in the hacking of nine US telecommunications companies by the Chinese hacker group known as Salt Typhoon, as well as another recent breach of the US Treasury. In a statement on the news, the Treasury said Yin had ties to China’s Ministry of State Security and had been a “cyber actor” for more than a decade. It also imposed sanctions on Sichuan Juxinhe Network Technology, a company that the Treasury said was also associated with Salt Typhoon.

Salt Typhoon’s breach of US telecoms gave Chinese hackers enormous access to the real-time texts and phone calls of Americans, and was reportedly used to spy on president-elect Donald Trump and vice president-elect JD Vance, among other targets. FBI Director Christopher Wray called the telecommunications breach “the most significant cyber espionage campaign in history.”

While the Treasury hits back at China’s spying operation, it is also still working to determine the scope of the intrusion some of the same hackers carried out on its own network. An internal Treasury report obtained by Bloomberg found that hackers had penetrated at least 400 of the agency’s PCs and stolen more than 3,000 files in the recent breach. The espionage-focused intrusion appears to have gone after sanctions- and law-enforcement-related information, the report found, as well as other intelligence materials. Despite that access, the intruders did not get access to Treasury email or the classified part of the network, the report states, nor did they leave behind any malware that would suggest an attempt to maintain long-term access.

The Department of Justice announced this week that the FBI was conducting an operation to remove a malware specimen known as PlugX from 4,200 computers around the world. The malware, which is usually transmitted to computers via infected USB drives, has been around for at least a decade and is sometimes used by Chinese state-sponsored hacking groups to target Chinese dissidents. In July last year, cybersecurity company Sekoia and French law enforcement took over the command and control server behind the malware. This week, the FBI obtained a court order allowing the bureau to send self-destruct commands to the software on infected machines.

The intrusion told TechCrunch that the attackers gained access to “all” stored data of students and teachers in the account. PowerSchool is used by more than 60 million K-12 students in the US. Hackers gained access to the information by stealing login credentials that gave them access to the company’s customer support portal. The attack has not yet been linked to a specific perpetrator. PowerSchool has not disclosed the number of victimized schools or whether all customers are affected.
