Major Vulnerabilities / Miscellaneous

2018 – Meltdown / Spectre

  • 05-05-2021: New Spectre attack once again sends Intel and AMD scrambling for a fix. [Ars Technica] [Schneier]

  • 18-03-2021: Exploiting Spectre over the Internet. [Schneier]

  • 11-06-2020: Another Intel speculative execution vulnerability. [Schneier] [Ars Technica] [ZDNet]

  • 10-03-2020: Security flaw detected in AMD CPUs going back to 2011. [ExtremeTech]

  • 06-03-2020: A major new Intel processor flaw could defeat encryption and DRM protections. [The Verge] [ExtremeTech] [HEXUS] [ExtremeTech]

  • 13-11-2019: Intel fixes CPU security flaw it said was patched in May. [Engadget]

  • 12-11-2019: New Spectre-related CPU flaw tops Intel’s latest critical security fixes. [ExtremeTech]

  • 07-08-2019: SWAPGS attack: The Spectre-like flaw affecting Intel CPUs. [Graham Cluley]

  • 20-05-2019: Intel performance hit 5x harder than AMD after Spectre, Meltdown patches. [ExtremeTech]

  • 15-05-2019: New speculative execution bug leaks data from Intel chips’ internal buffers. [Ars Technica] [Schneier] [Stuff]

  • 06-03-2019: Researchers reveal SPOILER Intel CPU vulnerability. [Hexus] [HardOCP]

  • 27-02-2019: Spectre flaws in today's computer chips can be exploited to hide, run stealthy malware. [The Register]

  • 18-02-2019: Data-spewing Spectre chip flaws can't be killed by software alone. [The Register]

  • 03-01-2019: The elite Intel team still fighting Meltdown and Spectre. [Wired]

  • 07-12-2018: Boffins demo Speculator tool for sniffing out data-leaking CPU holes. [The Register]

  • 19-11-2018: Spectre patches whack Intel performance hard with Linux 4.20 kernel. [ExtremeTech]

  • 14-11-2018: Spectre, Meltdown researchers unveil 7 more speculative execution attacks. [Ars Technica] [The Register] [Schneier] [HardOCP] [ZDNet]

  • 31-10-2018: Spectre and Meltdown patches responsible for some Nvidia driver slowdown claims. [HardOCP] [YouTube]

  • 23-10-2018: Future Windows 10 update will soften the blow of Spectre patches. [Engadget]

  • 22-10-2018: New Google patch reduces Spectre performance impact to ‘noise'. [ExtremeTech]

  • 21-08-2018: Intel details Cascade Lake, hardware mitigations for Meltdown, Spectre. [ExtremeTech] [HardOCP] [AnandTech]

  • 14-08-2018: Intel discloses another set of processor vulnerabilities. [Engadget]

  • 26-07-2018: NetSpectre -- a remote Spectre attack without attacker-controlled code on the victim. [HardOCP] [PDF] [The Register] [Ars Technica]

  • 23-07-2018: Spectre rises from the dead to bite Intel in the return stack buffer. [The Register]

  • 15-07-2018: New Spectre 1.1 and Spectre 1.2 CPU flaws disclosed. [HardOCP] [BleepingComputer]

  • 12-07-2018: Google Chrome prevents sites from launching Spectre-like attacks. [Engadget] [Android Police] [ExtremeTech] [The Verge] [The Register] [HardOCP] [Google Security] [Ars Technica] [ExtremeTech]

  • 10-07-2018: Another data-leaking Spectre CPU flaw. [The Register] [Ars Technica] [HardOCP]

  • 16-06-2018: Boffins offer to make speculative execution great again with Spectre-Meltdown CPU fix. [The Register]

  • 21-05-2018: Intel details fourth Spectre-style CPU security flaw. [Engadget] [Wired] [HardOCP] [Schneier] [The Verge] [ExtremeTech] [Android Police] [HardOCP] [Neowin]

  • 20-05-2018: New Spectre attack can even reveal firmware secrets. [HardOCP] [ZDNet]

  • 09-05-2018: Second wave of Spectre-like CPU security flaws won't be fixed for a while. [The Register]

  • 03-05-2018: Spectre next generation is coming whether we like it or not. [HardOCP] [heise.de] [The Register] [ExtremeTech] [BBC News]

  • 04-04-2018: Intel admits a load of its CPUs have Spectre v2 flaw that can't be fixed. [The Register] [HardOCP] [Intel PDF] [ExtremeTech] [The Register] [HardOCP] [PCWorld] [The Verge] [Ars Technica]

  • 29-03-2018: Intel CPU 'BranchScope' vulnerabilities detailed. [Hexus]

  • 28-03-2018: Microsoft's Windows 7 Meltdown fixes from January, February made PCs more insecure. [The Register] [HardOCP] [Bleeping Computer] [THG] [ExtremeTech] [The Register]

  • 26-03-2018: We need to go deeper: Meltdown and Spectre flaws will force security further down the stack. [The Register]

  • 18-03-2018: Meltdown, Spectre, and the cost of unchecked innovation. [Wired]

  • 15-03-2018: Microsoft offers $250,000 bounty to prevent the next Meltdown and Spectre CPU flaws. [The Verge]

  • 15-03-2018: Intel redesigned its 8th-gen processors to patch ‘Meltdown’ flaws. [Engagdget]

  • 09-03-2018: Intel issues Spectre and Meltdown microcode updates for Sandy and Ivy. [HardOCP] [Intel PDF] [ExtremeTech] [Ars Technica]

  • 07-03-2018: Six lessons from the CPU meltdown. [EETimes]

  • 01-03-2018: Microsoft issues Skylake Spectre microcode fixes out through Windows Update. [The Register] [HardOCP] [ZDNet]

  • 28-02-2018: Three things to know about Meltdown and Spectre patches. [DC Knowledge]

  • 28-02-2018: Intel gives Broadwells and Haswells their Meltdown medicine. [The Register] [Hexus] [Ars Technica]

  • 23-02-2018: Intel didn't tell CERTS, govs, about Meltdown and Spectre because they couldn't help fix it. [The Register] [THG] [ExtremeTech]

  • 21-02-2018: Four class-action CPU flaw lawsuits filed against AMD. [The Register] [THG]

  • 21-02-2018: New Spectre/Meltdown variants. [Schneier]

  • 21-02-2018: Spectre, Meltdown, and flexible scaleout. [Russ White] [Gestalt IT]

  • 20-02-2018: Intel completes Spectre fix for Skylake, Kaby Lake, Coffee Lake CPUs. [THG] [The Register] [The Verge] [Ars Technica] [ExtremeTech]

  • 16-02-2018: 32 lawsuits filed against Intel over Spectre and Meltdown flaws. [Ars Technica] [Hexus]

  • 14-02-2018: Microsoft’s compiler-level Spectre fix shows how hard this problem will be to solve. [Ars Technica]

  • 14-02-2018: Boffins cook up fresh Meltdown, Spectre CPU design flaw exploits. [The Register] [HardOCP]

  • 14-02-2018: Meltdown-and-Spectre-detector comes to Windows Analytics. [The Register]

  • 09-02-2018: VMware sticks finger in Meltdown/Spectre dike for virtual appliances. [The Register]

  • 08-02-2018: Intel releases new Spectre microcode update for Skylake. [Ars Technica] [Engadget] [THG]

  • 07-02-2018: Meltdown, Spectre create data center dilemma. [Network Computing]

  • 05-02-2018: Learn more about how Spectre and Meltdown work. [HardOCP] [Jon Masters: Twitter, PDF]

  • 01-02-2018: Hundreds of Meltdown, Spectre malware samples found in the wild. [THG] [HardOCP] [Mozilla]

  • 29-01-2018: You can't ignore Spectre. [The Register]

  • 29-01-2018: Intel alerted Chinese cloud giants 'before US govt' about CPU bugs. [The Register] [ExtremeTech]

  • 29-01-2018: How Spectre and Meltdown impact data center storage. [Network Computing]

  • 26-01-2018: Intel Meltdown and Spectre-proof CPUs to launch this year. [Hexus] [ExtremeTech] [Ars Technica] [Engadget]

  • 26-01-2018: The effects of the Spectre and Meltdown vulernabilities. [Schneier]

  • 25-01-2018: Do Spectre, Meltdown Mean the Death of Moore’s Law? [ExtremeTech]

  • 23-01-2018: Spectre, Meltdown hit on-prem Windows servers hardest. [DC Knowledge]

  • 22-01-2018: Meltdown/Spectre week three: world still in trouble. [The Register]

  • 18-01-2018: Meltdown, Spectre forcing Intel reboots. [EETimes] [THG] [The Verge] [Ars Technica]

  • 17-01-2018: InSpectre Meltdown and Spectre check tool released by GRC. [Hexus] [HardOCP] [GRC]

  • 16-01-2018: A Congressman has new questions for chipmakers about Meltdown and Spectre response. [The Verge] [Engadget]

  • 15-01-2018: Spectre and Meltdown patches causing trouble as realistic attacks get closer. [Ars Technica] [Lifehacker]

  • 15-01-2018: Now Meltdown patches are making industrial control systems lurch. [The Register]

  • 15-01-2018: Meltdown and its networking equivalents. [ipSpace]

  • 15-01-2018: Oracle still silent on Meltdown, but lists patches for x86 servers among 233 new fixes. [The Register]

  • 14-01-2018: Meltdown and Spectre flaws loomed large over CES. [Engadget]

  • 12-01-2018: Should SANs be patched to fix the Spectre and Meltdown bugs? [The Register]

  • 12-01-2018: Researchers found another major security flaw in Intel CPUs. [ExtremeTech]

  • 12-01-2018: Motherboard vendors release BIOS updates for Spectre. [THG]

  • 12-01-2018: Google explains Meltdown, Spectre fix impact on cloud services. [THG] [ExtremeTech]

  • 12-01-2018: Intel’s Meltdown fix freaked out some Broadwells, Haswells. [The Register] [HardOCP] [Intel] [The Verge] [Wired]

  • 12-01-2018: Intel's response to chip meltdown deepens rift with Microsoft. [DC Knowledge]

  • 11-01-2018: Keeping Spectre secret. [The Verge]

  • 11-01-2018: Intel releases Meltdown, Spectre patch benchmarks. [THG] [The Verge] [Wired] [Ars Technica]

  • 11-01-2018: Meltdown and Spectre repeat hard security lessons. [EETimes]

  • 10-01-2018: Nvidia patches drivers against Meltdown And Spectre. [THG]

  • 10-01-2018: Intel needs to come clean about Meltdown and Spectre. [The Verge]

  • 10-01-2018: What is speculative execution? [ExtremeTech]

  • 09-01-2018: Not vulnerable -- Intel Itanium and Secure64 Source T. [Secure64]

  • 09-01-2018: Microsoft reveals how Spectre updates can slow your PC down. [The Verge] [HardOCP] [Microsoft] [THG] [Hexus]

  • 09-01-2018: Should Spectre, Meltdown Be the Death Knell for the x86 Standard? [ExtremeTech]

  • 09-01-2018: Microsoft's Meltdown and Spectre security update bricks some AMD-powered PCs. [Graham Cluley] [ExtremeTech]

    • 11-01-2018: AMD doubles down on previous Spectre and Meltdown statements. [HardOCP] [The Verge]

  • 09-01-2018: Freezing machines halt chip bug patch. [BBC News]

  • 09-01-2018: Intel will patch all recent chips by the end of January. [Engadget]

  • 09-01-2018: IBM melts down fixing Meltdown as processes and patches stutter. [The Register] [The Register] [HardOCP]

  • 09-01-2018: Apple fixes the Meltdown and Spectre flaws in Macs, iPhones, and iPads. [Graham Cluley] [PocketNow] [NZ Herald]

  • 09-01-2018: Meltdown, Spectre bug patch slowdown gets real. [The Register]

  • 07-01-2018: How so many researchers found a 20-year-old chip flaw at the same time. [Wired]

  • 05-01-2018: Answering your questions about Meltdown and Spectre. [Google Blog]

  • 05-01-2018: Intel faces multiple lawsuits over chip security vulnerabilities. [Engadget] [The Register] [Ars Technica]

  • 05-01-2018: Here’s what Intel, Apple, Microsoft, others are doing about it. [Ars Technica]

  • 05-01-2018: Tech titans downplay Meltdown and Spectre patches' performance hits. [THG]

  • 05-01-2018: Vendors rush to issue security updates for Meltdown and Spectre flaws. [Network Computing]

  • 05-01-2018: The latest news on two major CPU security bugs. [The Verge]

  • 05-01-2018: Intel: CPU patch has minimal impact in the real-world. [Hexus]

  • 05-01-2018: Cisco to release patches for Meltdown, Spectre CPU vulnerabilities. [The Register]

  • 05-01-2018: All Macs, iPhones and iPads affected by Meltdown and Spectre. [BBC News] [HardOCP] [Apple]

  • 05-01-2018: Meltdown CPU fixes are here -- Spectre flaws will haunt tech industry for years. [The Register]

  • 05-01-2018: How to protect yourself from Meltdown and Spectre. [Lifehacker] [The Verge]

  • 04-01-2018: The CPU catastrophe will hit hardest in the cloud. [The Verge]

  • 04-01-2018: Meltdown and Spectre can be exploited through your browser. [THG]

  • 04-01-2018: Intel issues Meltdown and Spectre patches for newer CPUs. [THG]

  • 04-01-2018: Microsoft patches Windows. [The Register] [The Verge]

  • 04-01-2018: Chip hacks: How much is your device at risk? [BBC News]

  • 04-01-2018: Meltdown and Spectre: How chip hacks work. [BBC News] [THG] [ExtremeTech] [HardOCP] [THG]

  • 04-01-2018: What’s behind the Intel design flaw forcing numerous patches? [Ars Technica]

  • 03-01-2018: Intel says memory security issue extends beyond its own chips. [Engadget]

  • 03-01-2018: A critical Intel flaw breaks basic security for most computers. [Wired]

  • 03-01-2018: Intel’s processors have a security bug and the fix could slow down PCs. [The Verge] [HardOCP] [Intel]

  • 03-01-2018: Meltdown and Spectre: every modern processor has unfixable security flaws. [Ars Technica] [Wired] [Schneier] [The Verge] [NZ Herald] [HardOCP] [ExtremeTech] [Engadget] [Krebs] [Schneier] [Computerphile] [TechBlog] [Stuff] [DC Knowledge] [NZ Herald]

2017 – Petya

  • 22-08-2018: The untold story of NotPetya, the most devastating cyberattack in history. [Wired] [Schneier]

  • 16-02-2018: UK, US Governments Attribute NotPetya Attack To Russian Military. [THG] [Wired] [ITPNZ]

  • 17-01-2018: Remember the NotPetya cyberattack? [HardOCP] [Washington Post]

  • 11-08-2017: Ukrainian man cuffed on suspicion of distributing NotPetya. [The Register]

  • 18-07-2017: Petya cyber-attack still disrupting firms weeks later. [BBC News]

  • 12-07-2017: Firms that didn’t patch and enabled local admin rights continue to suffer post cyber-attack. [BitDefender]

  • 07-07-2017: Backdoored automatic updates amplify NotPetya's destruction. [THG] [Wired]

  • 07-07-2017: Petya ransomware maker releases master key for file decryption. [THG] [HardOCP] [Graham Cluley]

  • 07-07-2017: Largest advertising company in the world still wincing after NotPetya. [The Register]

  • 07-07-2017: Petya victim given hope by researchers. [BBC News]

  • 06-07-2017: NotPetya ransomware hackers want 100 Bitcoins for decryption keys. [ExtremeTech]

  • 05-07-2017: Petya ransomware authors demand $250,000 in first public statement since the attack. [The Verge] [BBC News]

  • 05-07-2017: Ukraine authorities raid MeDoc in NotPetya investigation. [The Register] [Gizmodo] [Ars Technica]

  • 03-07-2017: Ukranian company that spread Petya could face criminal charges for vulnerability. [The Verge]

  • 03-07-2017: US-CERT issues 'Petya' alert, as ransomware attacks go mainstream. [THG]

  • 03-07-2017: The Office: Life after a virus. [BBC News]

  • 02-07-2017: NATO could be forced to respond to the Petya attack. [The Verge] [Gizmodo]

  • 02-07-2017: Ukraine security service: Russia behind cyber-attack. [BBC News] [The Register]

  • 01-07-2017: How shipping giant Maersk dealt with a malware meltdown. [Wired]

  • 01-07-2017: The hot new cyberattack that's sweeping the nation. [Engadget]

  • 01-07-2017: NotPetya developers may have obtained NSA exploits weeks before their public leak. [Ars Technica]

  • 01-07-2017: Hacker behind massive ransomware attack has no access to emails from victims who paid. [NZ Herald]

  • 30-06-2017: Latest ransomware techniques show need for layered security. [PacketU] [Voxy]

  • 30-06-2017: Wiper Malware in global attack actually destroys data. [DC Knowledge]

  • 30-06-2017: NotPetya cyber attack's intention may have been malware installation in Ukraine. [Stuff]

    • 30-06-2017: Europol, FBI, UK's NCA to help Ukraine. [The Register]

  • 29-06-2017: Janus resurfaces, wants to help with NotPetya. [The Register] [Gizmodo]

  • 29-06-2017: How artificial intelligence is taking on ransomware. [Stuff]

  • 29-06-2017: Cyberattack clogs world port systems and major networks. [Stuff]

  • 28-06-2017: US hit by cyberattack that targeted Ukraine and Russia. [Engadget] [NZ Herald] [Voxy]

  • 28-06-2017: Petya ransomware: everything we know about the massive cyber attack. [The Verge] [Voxy]

  • 28-06-2017: The Petya ransomware is starting to look like a cyberattack in disguise. [The Verge] [THG]

    • 28-06-2017: Petya massive ransomware outbreak was something much worse. [Ars Technica] [The Verge] [Wired]

    • 29-06-2017: Recent 'NotPetya' attacks might not be ransomware at all. [Engadget]

  • 28-06-2017: Cyberattacks disrupt Chernobyl’s automatic monitoring system. [ExtremeTech]

  • 28-06-2017: There is a killswitch for NotPetya. [HardOCP] [Amith Serper]

  • 28-06-2017: Petya ransomware: everything we know about the massive cyber attack. [The Verge] [HardOCP]

  • 28-06-2017: Tax software blamed for cyber-attack spread. [BBC News]

  • 28-06-2017: Everything you need to know about the PetyaWrap. [The Register]

  • 28-06-2017: Global cyber attack: Windows computers must be updated, officials say. [NZ Herald]

  • 28-06-2017: How to protect your computer against the latest ransomware attack. [Stuff]

  • 28-06-2017: No reports yet of Petya ransomware hitting NZ. [Stuff] [Geekzone]

  • 27-06-2017: Latest ransomware hackers didn't make WannaCry's mistakes. [Wired]

  • 27-06-2017: Today's global ransomware attack weaponized software updates. [The Verge]

  • 27-06-2017: It’s already too late for today’s ransomware victims to pay up and save their computers. [The Verge] [Gizmodo]

  • 27-06-2017: PetyaWrap: a new ransomware outbreak similar to WCry is shutting down computers worldwide. [Ars Technica] [BBC News] [Stuff] [Graham Cluley] [DC Knowledge] [The Register] [ExtremeTech] [The Verge] [Wired] [Engadget] [Gizmodo] [Krebs] [DC Knowledge] [NZ Herald]

2017 – WannaCry

  • 18-02-2021: US charges North Koreans in relation to WannaCry cyber attacks. [Graham Cluley]

  • 03-02-2020: WannaCry ransomware attack on NHS could have triggered NATO reaction. [The Register]

  • 28-12-2018: WannaCry is still active in 100,000s of computers. [HardOCP] [Bleeping Computer]

  • 12-10-2018: It is 2018 and the NHS is still counting the cost of WannaCry. [The Register]

  • 09-09-2018: How US authorities tracked down the North Korean hacker behind WannaCry. [HardOCP] [ZDNet]

  • 28-03-2018: Boeing production plant hit with WannaCry ransomware attack. [The Verge] [The Register] [Engadget]

  • 19-12-2017: US and UK blame North Korea for WannaCry. [BBC News] [Engadget] [The Verge] [NZ Herald] [Stuff] [Graham Cluley] [The Register] [HardOCP] [NPR] [Wired] [Ars Technica]

  • 31-10-2017: North Korea calls UK WannaCry accusations 'wicked'. [BBC News]

  • 03-08-2017: WannaCry ransomware bitcoins move from online wallets. [BBC News] [THG] [The Register] [Ars Technica] [Gizmodo]

    • 04-08-2017: Wannacry money laundering attempt thwarted. [BBC News]

    • 05-08-2017: Researchers say WannaCry operator moved bitcoins to “untraceable” Monero. [Ars Technica]

  • 10-07-2017: Surfer who saved world from WannaCry attack ready for next wave. [Stuff]

  • 08-07-2017: The only way to stop another WannaCry is with regulations. [Engadget]

  • 08-07-2017: The next WannaCry cyber attack could cost insurers $3.4 billion. [NZ Herald]

  • 05-07-2017: UK Parliament launches inquiry into NHS WannaCrypt outbreak. [The Register]

  • 22-06-2017: WannaCry ransomware infects Australian traffic cameras, human error blamed. [Graham Cluley] [BBC News] [Graham Cluley] [The Register] [The Verge]

  • 21-06-2017: Honda shuts down factory after finding NSA-derived Wcry in its networks. [Ars Technica] [Engadget] [ExtremeTech]

  • 20-06-2017: 5.5 million devices operating with WannaCry port open. [DC Knowledge]

  • 14-06-2017: NSA believes North Korea was responsible for WannaCry ransomware attacks. [The Verge] [BBC News] [THG] [BBC News] [Schneier]

  • 12-06-2017: NHS ransomware cyber-security hero: I was panicking. [BBC News]

  • 02-06-2017: WannaCry and vulnerabilities. [Schneier] [Russ White]

  • 01-06-2017: Crapness of WannaCrypt coding offers hope for ransomware victims. [The Register]

  • 31-05-2017: If you think WannaCry was huge, wait for EternalRocks. [DC Knowledge]

  • 31-05-2017: WannaCry theory points to currency manipulation. [HardOCP]

  • 30-05-2017: Windows XP computers were mostly immune to WannaCry. [The Verge] [The Register] [Graham Cluley]

  • 30-05-2017: Ransomware realities: In your normal life, strangers don't extort you - but here you are. [The Register]

  • 30-05-2017: WannaCry exposed healthcare's ills. [EETimes]

  • 29-05-2017: WannaLaugh? WannaCrypt ported to Commodore, Cisco, Nintendo and Tesla. [The Register]

  • 26-05-2017: WannaCry‬pt ransomware note likely written by Google Translate-using Chinese speakers. [The Register] [BBC News] [Gizmodo]

  • 25-05-2017: Wormable WannaCry type vulnerability for Linux & Unix with Samba. [HardOCP]

  • 25-05-2017: Ransomware and IoT. [Schneier]

  • 25-05-2017: Russian postal service 'hit by WannaCry'. [BBC News]

  • 25-05-2017: Android app store is full of useless, unwanted anti-WannaCry apps. [Graham Cluley]

  • 25-05-2017: Ransomware hits Australian hospitals after botched patch. [The Register]

  • 24-05-2017: Reading list: WannaCry and ransomware. [Russ White] [CircleID] [EFF] [CSA]

  • 23-05-2017: The future of ransomware. [Schneier] [Russ White]

  • 23-05-2017: US politicians think companies should be allowed to 'hack back' after WannaCry. [Graham Cluley]

  • 23-05-2017: There’s new evidence tying WCry ransomware worm to prolific hacking group. [Ars Technica]

  • 23-05-2017: WannaCry: Ransomware attacks show strong links to Lazarus group. [Voxy]

  • 23-05-2017: Ransomware cyber-attacks impact growing on NZ. [Voxy]

  • 22-05-2017: 7 NSA hack tool wielding follow-up worm oozes onto scene. [The Register]

  • 22-05-2017: Samsung working with South Korean government to increase protection against WannaCry. [Sammobile]

  • 20-05-2017: Windows 7, not XP, was the reason last week’s WCry worm spread so widely. [Ars Technica] [BBC News] [HardOCP] [ITnews]

  • 20-05-2017: More people infected by recent WCry worm can unlock PCs without paying ransom. [Ars Technica]

  • 20-05-2017: WannaCry: Everything you still need to know. [The Register]

  • 19-05-2017: Hackers are trying to reignite WannaCry with non-stop botnet attacks. [Wired] [Gizmodo]

  • 19-05-2017: Almost all WannaCry victims were running Windows 7. [The Verge]

  • 19-05-2017: WannaCrypt makes an easy case for Linux. [HardOCP] [TechRepublic]

  • 19-05-2017: WannaCrypt: Roots, reasons and why scramble patching won't save you now. [The Register]

  • 19-05-2017: Crooks use WannaCrypt hysteria as hook for BT-branded phishing emails. [The Register]

  • 19-05-2017: WannaCry ransomware. [Schneier]

  • 19-05-2017: There's an easy fix for WannaCry, if you haven't rebooted yet. [Engadget] [The Register] [HardOCP]

  • 18-05-2017: WannaCry lessons. [BBC News]

  • 18-05-2017: High-profile extortion hacks aren't paying off. [Wired]

  • 18-05-2017: Windows XP PCs infected by WCry can be decrypted without paying ransom. [Ars Technica] [Wired]

  • 18-05-2017: WannaCry - Who's to blame? [Graham Cluley]

  • 18-05-2017: Azure users told they're not WannaCrypt-proof. [The Register]

  • 17-05-2017: After WannaCry, a new bill would force the NSA to justify its hacking tools. [The Verge] [Engadget]

  • 17-05-2017: The NSA’s leaked Windows hack caused more damage than just WannaCry. [The Verge]

  • 17-05-2017: Significant number of devices continue to expose Windows SMB on port 445. [The Register]

  • 17-05-2017: Ransomware fear-flinger Uiwix fails to light. [The Register]

  • 17-05-2017: Cisco warns: Some products might have WannaCrypt vuln. [The Register]

  • 17-05-2017: Cryptocurrency-mining malware has been using WannaCry's NSA exploit for weeks. [Graham Cluley] [The Register] [HardOCP] [Proofpoint] [Engadget]

  • 17-05-2017: Symantec blocks 22 million attempted WannaCry ransomware attacks globally. [Geekzone] [Voxy]

  • 17-05-2017: WannaCry ransomware victims told not to pay up by Cert NZ. [Stuff]

  • 16-07-2017: Why governments won't let go of secret software bugs. [Wired]

  • 16-05-2017: WannaCry and the malware hall of fame. [BBC News]

  • 16-05-2017: Massive cryptocurrency botnet used leaked NSA exploits weeks before WCry. [Ars Technica]

  • 16-05-2017: Pirated Windows led to WannaCry's spread in China and Russia. [Engadget]

  • 16-05-2017: Embarrassed companies hit by ransomware pay up, and keep it quiet. [Stuff]

  • 15-05-2017: InternetNZ: WannaCry provides important lessons for cyber security. [Voxy]

  • 15-05-2017: China staggering under WannaCrypt outbreak. [The Register]

  • 15-05-2017: Wana Decrypt0r (WannaCry Ransomware) - Computerphile. [YouTube]

  • 15-05-2017: The 'WannaCry' ransomware is a stark reminder of a broken system. [Engadget]

  • 15-05-2017: The WannaCry ransomware hackers made some real amateur mistakes. [Wired]

  • 15-05-2017: The WannaCry ransomware has mysterious ties to North Korea. [The Verge] [Ars Technica] [Wired] [Stuff] [Engadget] [The Register] [HardOCP] [CIO]

    • 16-05-2017: Did North Korea write WannaCry? [Schneier] [NYT]

    • 17-05-2017: Expert finds more possible North Korea links to cyberattack. [NZ Herald] [Stuff]

    • 22-05-2017: North Korea denies link to WannaCry ransomware attack. [Graham Cluley]

    • 22-05-2017: North Korean cyberwar capabilities. [Schneier] [Reuters] [NZ Herald] [Stuff]

    • 23-05-2017: More evidence for WannaCry 'link' to North Korean hackers. [BBC News]

  • 15-05-2017: WannaCry ransomware ransonworm. [HardOCP]

  • 15-05-2017: WannaCry ransomware small impact to US infrastructure. [HardOCP] [Reuters]

  • 15-05-2017: Why don't they just update? [HardOCP]

  • 15-05-2017: WannaCry evolves to Uiwix ransomworm. [HardOCP] [The Register]

  • 15-05-2017: WannaCrypt outbreak contained as hunt for masterminds kicks in. [BBC News] [NZ Herald]

  • 15-05-2017: Watch what happens when ransomware hits. [BBC News]

  • 15-05-2017: WannaCry ransomware cyber-attacks slow but fears remain. [BBC News]

  • 15-05-2017: Global manhunt for WannaCry creators. [BBC News]

  • 15-05-2017: Global cyberattack: Phone scammer warning for NZ. [NZ Herald]

  • 15-05-2017: Ransomware cyber-attack: Who has been hardest hit? [BBC News]

  • 15-05-2017: Should you pay the WannaCry ransom? [BBC News]

  • 15-05-2017: Microsoft blasts spy agencies for hoarding security exploits. [Engadget] [BBC News] [The Register] [Ars Technica] [Graham Cluley] [THG]

    • 15-05-2017: Is Microsoft to blame for the largest ransomware attacks in internet history? [The Verge]

    • 15-05-2017: Microsoft attempts to shift blame onto NSA. [EtherealMind]

    • 16-05-2017: Microsoft faulted over ransomware while shifting blame to NSA. [DC Knowledge]

  • 15-05-2017: WannaCry Ransomware: all the updates on the cyberattack. [The Verge] [Stuff]

  • 15-05-2017: Experts brace for unstoppable ransomware. [Stuff]

  • 15-05-2017: Cyberattack hits at least 200,000 victims in 150 countries. [Stuff] [The Verge] [NZ Herald]

  • 15-05-2017: New Zealand should be on alert as borders mean nothing for cyber-attackers. [Stuff]

  • 14-05-2017: 'WannaCry' ransomware evolves despite attempts to kill it. [Engadget]

  • 14-05-2017: Cyber-attack: Firms 'must patch before Monday morning'. [BBC News] [NZ Herald] [Gizmodo]

  • 14-05-2017: Europol: ransomware cyber-attack threat escalating. [BBC News]

  • 14-05-2017: Renault and Nissan plants hit by massive ransomware attack. [Jalopnik] [The Verge]

  • 14-05-2017: Next cyber-attack could be imminent, warn experts. [BBC News]

  • 14-05-2017: Kiwis warned not to click strange link to avoid global cyber-attack. [NZ Herald]

  • 14-05-2017: Businesses should batten down cyber-security hatches amidst ransom hacks. [Stuff]

  • 14-05-2017: Malware attack: How to protect yourself online. [BBC News]

  • 14-05-2017: New Zealand upping digital security after 'massive' worldwide cyberattack. [Stuff]

  • 13-05-2017: Ransomware problems blamed on legacy apps and patch problems. [THG]

  • 13-05-2017: Global ‘Wana’ Ransomware Outbreak Earned Perpetrators $26,000 So Far. [Krebs] [Gizmodo] [HardOCP]

    • 17-05-2017: WCry ransomware worm’s Bitcoin take tops $70k as its spread continues. [Ars Technica]

  • 13-05-2017: Microsoft Issues WanaCrypt Patch for Windows 8, XP. [Krebs] [Ars Technica] [The Verge] [THG] [ExtremeTech]

    • 14-05-2017: If you still use Windows XP, prepare for the worst. [Wired]

    • 15-05-2017: Security minister says XP issue a 'red herring'. [BBC News]

    • 16-05-2017: Microsoft's WinXP fix was built in February. [The Register]

    • 21-06-2017: Is continuing to patch WinXP a mistake? [Schneier]

  • 13-05-2017: Cyber-attack: Europol says it was unprecedented in scale. [BBC News]

  • 13-05-2017: Global cyber-attack: Security blogger halts ransomware 'by accident'. [BBC News] [Stuff] [HardOCP] [Gizmodo] [The Verge] [NZ Herald] [Wired] [ExtremeTech] [Ars Technica]

  • 13-05-2017: How to avoid a cyber attack: Malware and ransomware explained. [Stuff] [Stuff] [Lifehacker] [Stuff]

  • 13-05-2017: Today's massive ransomware attack was mostly preventable - here's how to avoid it. [Gizmodo]

  • 13-05-2017: Global cyberattack: NZ's spy agency strengthening security. [NZ Herald]

  • 13-05-2017: NHS cyber-attack: 'The next step for organised crime'. [BBC News] [Hexus] [Gizmodo]

    • 14-05-2017: 'It's life and death to us': how the cyber attack could have cost patients lives. [NZ Herald]

    • 14-05-2017: NHS cyber-attack: More ransomware cases 'likely on Monday'. [BBC News]

    • 15-05-2017: NHS cyber-attack: No 'second spike' but disruption continues. [BBC News]

    • 18-05-2017: Great Ormond Street children's hospital still offline after WannaCrypt omnishambles. [The Register]

    • 23-05-2017: Kiwi solution helps NHS weather ransomware attacks. [Voxy]

    • 25-05-2017: NHS Digital stopped short of advising against paying off WannaCrypt. [The Register]

    • 29-06-2017: NHS WannaCrypt postmortem: Outbreak blamed on lack of accountability. [The Register]

    • 12-07-2017: WannaCry prompts promise of extra cash towards NHS security. [The Register]

    • 28-08-2017: WannaCrypt NHS victim Lanarkshire infected by malware again. [The Register] [BBC News] [Graham Cluley]

    • 27-10-2017: 'Basic IT security' could have prevented UK NHS WannaCry attack. [Engadget]

  • 12-05-2017: An NSA-derived ransomware worm is shutting down computers worldwide. [Ars Technica] [The Register]

  • 12-05-2017: 74 countries hit by NSA-powered WannaCrypt ransomware backdoor. [The Register] [Ars Technica] [DC Knowledge] [Stuff] [NZ Herald] [HardOCP] [ExtremeTech] [THG] [Wired] [Engadget] [Gizmodo]

2017 – CIA Leak

  • 09-05-2017: Cisco kills leaked CIA 0-day that let attackers commandeer 318 switch models. [Ars Technica]

  • 14-04-2017: The new CIA head hates WikiLeaks - when convenient. [Engadget]

  • 10-04-2017: Fourth WikiLeaks CIA attack tool dump. [Schneier] [WikiLeaks]

  • 08-04-2017: WikiLeaks just dropped the CIA’s secret how-to for infecting Windows. [Ars Technica] [Engadget] [HardOCP] [THG]

  • 03-04-2017: Wikileaks releases code that could unmask CIA hacking operations. [Ars Technica] [BBC News]

  • 31-03-2017: WikiLeaks exposes CIA anti-forensics tool that makes the US seem fluent in enemy tongues. [The Register]

  • 24-03-2017: Second WikiLeaks dump of CIA documents. [Schneier] [WikiLeaks]

  • 23-03-2017: CIA agents can install software on Apple Macs, iPhones. [The Register] [ExtremeTech] [The Verge] [Wired] [Ars Technica] [Engadget]

  • 19-03-2017: Cisco reports bug disclosed in Wikileaks' Vault 7 CIA dump. [The Register] [Ars Technica] [THG] [HardOCP] [Cisco] [ExtremeTech] [DC Knowledge] [EtherealMind]

  • 14-03-2017: Convicted CIA leaker John Kiriakou's got some opinions about WikiLeaks. [Wired]

  • 13-03-2017: WikiLeaks pings Microsoft after promise to share CIA tools. [The Register]

  • 13-03-2017: The CIA WikiLeaks dump tells us that encryption works. [HardOCP] [AP]

  • 13-03-2017: Comments on the WikiLeaks CIA Vault #7. [Russ White] [Errata Security]

  • 12-03-2017: Why WikiLeaks revelations prove it's time for me to stick duct tape over the camera on my laptop. [Stuff]

  • 09-03-2017: Does WikiLeaks CIA dump suggest cybersecurity is largely futile? [DC Knowledge]

  • 09-03-2017: Security flaws 'undiscovered for years'. [BBC News]

  • 09-03-2017: Wikileaks is offering tech firms CIA files first. [BBC News] [Krebs] [NZ Herald] [The Register] [Graham Cluley]

    • 21-03-2017: WikiLeaks not disclosing CIA-hoarded vulnerabilities to companies. [Schneier]

  • 09-03-2017: FBI and CIA launch criminal investigation into 'malware leaks'. [BBC News]

  • 09-03-2017: CIA responds to WikiLeaks with an extra long 'no comment'. [Engadget]

  • 08-03-2017: How the CIA's hacking hoard makes everyone less secure. [Wired]

  • 08-03-2017: The CIA leak exposes tech's vulnerable future. [Wired]

  • 08-03-2017: CIA hacks smartphones to work around encrypted communications. [THG]

  • 08-03-2017: The CIA may be hacking cars, as well as phones and TVs. [ExtremeTech]

  • 08-03-2017: CIA hacking dossier leak reignites debate over vulnerability disclosure. [The Register]

  • 08-03-2017: More on the CIA document leak. [Schneier]

  • 08-03-2017: Apple, Samsung and Microsoft react to Wikileaks' CIA dump. [BBC News]

  • 08-03-2017: CIA hacking tools: Should we be worried? [BBC News]

  • 08-03-2017: The CIA exploit list in full: The good, the bad, and the very ugly. [The Register]

  • 07-03-2017: WikiLeaks CIA dump gives Russian hacking deniers the perfect ammo. [Wired]

  • 07-03-2017: After NSA hacking exposé, CIA staffers asked where Equation Group went wrong. [Ars Technica]

  • 07-03-2017: CIA hacking code names. [Gizmodo]

  • 07-03-2017: Don't let WikiLeaks scare you off Signal and other encrypted chat apps. [Wired]

  • 07-03-2017: How the CIA can hack your phone, PC and TV. [Wired]

  • 07-03-2017: The CIA is hacking Samsung Smart TVs. [The Verge] [Graham Cluley] [SamMobile] [HardOCP] [HotHardware]

    • 07-03-2017: How to tell if the CIA hacked your Samsung TV. [Wired]

    • 08-03-2017: I am your Samsung smart TV, and I'm positively not spying on you. [Wired]

  • 07-03-2017: WikiLeaks publishes trove of CIA hacking tools. [Ars Technica] [HardOCP] [WikiLeaks] [Wired] [Gizmodo] [Krebs] [Graham Cluley]

2015 – Mirai / Dyn IoT DDoS

2015 – Apple vs FBI

  • 22-03-2016: Today's Apple-FBI Hearing Has Been Delayed. [Gizmodo] [THG]

  • 22-03-2016: Apple's FBI row is only just beginning. [BBC News]

  • 21-03-2016: FBI backs down against Apple: Feds may be able to crack iPhone without help. [The Register] [BBC News] [Ars Technica] [Engadget] [Gizmodo] [Wired] [Stuff] [Graham Cluley]

  • 21-03-2016: Apple-FBI scrap started when iOS 8 was shared with the Feds. [Gizmodo] [Bloomberg]

  • 21-03-2016: Apple defends crypto fight against government during launch event. [Ars Technica]

  • 18-03-2016: Long before the Apple-FBI battle, Lavabit sounded a warning. [Wired]

  • 18-03-2016: Sources claim government goes after source code on a regular basis. [ExtremeTech]

  • 18-03-2016: Apple engineers might quit company before agreeing to unlock the iPhone. [ExtremeTech]

  • 17-03-2016: Apple encryption engineers have options if FBI order passes muster. [PocketNow] [NYT]

  • 17-03-2016: How Apple helped crack iPhones like clockwork. [NZ Herald]

  • 16-03-2016: FBI v. Apple is a security and privacy issue. What about civil rights? [Ars Technica]

  • 15-03-2016: Apple lambasts the FBI for not asking the NSA to help hack that iPhone. [Wired] [Wired]

  • 14-03-2016: The gloves are off: FBI argues it can force Apple to turn over iPhone source code. [ExtremeTech] [Schneier]

  • 14-03-2016: Former cyber czar says NSA could crack the San Bernadino shooter’s phone. [Ars Technica] [The Register]

  • 14-03-2016: Breaking the encryption deadlock. [NZ Herald]

  • 12-03-2016: Florida sheriff pledges to arrest CEO Tim Cook if Apple resists crypto cooperation. [Ars Technica]

  • 11-03-2016: New documents solve a few mysteries in the Apple-FBI saga. [Wired]

  • 11-03-2016: Obama weighs in on Apple v. FBI: “You can’t take an absolutist view". [Ars Technica] [Engadget] [Gizmodo] [The Register] [HardOCP] [TWH YouTube] [DC Knowledge]

  • 11-03-2016: Apple: FBI could force us to turn on iPhone cameras for spying. [PetaPixel]

  • 10-03-2016: Feds fire back on San Bernardino iPhone, noting that Apple has accommodated China. [Ars Technica] [Gizmodo] [PocketNow] [HardOCP] [THG]

  • 10-03-2016: Apple: FBI's Filing Is a 'Cheap Shot' Meant to 'Vilify Apple'. [Gizmodo] [9to5Mac]

  • 10-03-2016: What's next? FBI telling us to turn iPhones into pocket spy bugs? It'll happen, says Apple exec. [The Register]

  • 09-03-2016: Wh Apple is taking a strong stand for itself - and for all of us. [DC Journal]

  • 09-03-2016: More people side with Apple in San Bernardino iPhone case. [PocketNow] [WSJ]

  • 09-03-2016: There are ways the FBI can crack the iPhone PIN without Apple doing it for them. [Ars Technica] [PocketNow]

  • 08-03-2016: FBI says NY judge went too far in ruling the FBI went too far in forcing Apple to unlock iPhone. [The Register]

  • 08-03-2016: Steve Wozniak's take on Apple versus the FBI. [Gizmodo]

  • 08-03-2016: Why even Apple's mortal enemies are on its side. [Stuff]

  • 07-03-2016: San Bernardino Police Chief now calls for iPhone unlocking to eliminate third shooter theory. [PocketNow] [NY Post]

  • 07-03-2016: Apple VP says FBI's order makes everyone less secure. [Engadget] [The Register]

  • 04-03-2016: Apple-FBI a poor test case. [EE Times]

  • 04-03-2016: Chertoff says forcing Apple to unlock iPhone equivalent to building a biological weapon. [ExtremeTech]

  • 04-03-2016: How the FBI will lose its iPhone fight, thanks to 'West Coast Law'. [The Register]

  • 04-03-2016: The Golden Key: FBI vs Apple iPhone. [Computerphile]

  • 03-03-2016: An incomplete list of things the Federal Government should stop using thanks to Apple. [Gizmodo]

  • 03-03-2016: Top iPhone hackers ask court to protect Apple from the FBI. [Wired]

  • 03-03-2016: Twitter, Reddit and more file brief to support Apple vs the FBI. [Engadget] [Wired]

  • 03-03-2016: How the FBI versus Apple could make 1984 a reality. [Gizmodo]

  • 02-03-2016: How the FBI’s fight with Apple could change the future of smartphone security. [Lifehacker]

  • 01-03-2016: FBI is asking courts to legalize crypto backdoors because Congress won’t. [Ars Technica] [The Register] [Wired] [Engadget]

  • 01-03-2016: Congressman: FBI is exploiting tTragedy to push its encryption agenda. [Gizmodo]

  • 01-03-2016: Gartner to FBI: Stop bullying Apple and the tech industry. [The Register]

  • 29-02-2016: Apple prevails in forced iPhone unlock case in New York court. [Ars Technica] [PocketNow] [The Intercept] [Stuff] [Engadget] [Wired] [BBC News] [The Register] [THG]

  • 29-02-2016: Attorney General hopes Apple will comply with court order. [HardOCP] [Reuters]

  • 29-02-2016: Google, Facebook and other powerful tech firms filing briefs to support Apple. [NZ Herald] [Stuff]

  • 26-02-2016: Police chief: There’s a “reasonably good chance” not much is on seized iPhone. [Ars Technica]

  • 25-02-2016: Here’s how Apple would build crypto-cracking software for the FBI. [Ars Technica]

  • 25-02-2016: CIA director: it's the media's fault that terrorists are so good at encryption. [Gizmodo] [The Register]

  • 25-02-2016: The craziest line in Apple's motion to throw out the iPhone case. [Gizmodo]

  • 25-02-2016: Apple and FBI to testify at Congressional encryption hearing. [Engadget]

  • 25-02-2016: Apple to FBI: you can’t force us to hack the San Bernardino iPhone. [Wired]

  • 25-02-2016: Apple may use a First Amendment defense in that FBI case - and it just might work. [Wired] [The Register]

  • 25-02-2016: If Apple aids terrorists and the FBI is Big Brother… whom do we support? [Ars Technica]

  • 25-02-2016: Apple tells court it would have to create “GovtOS” to comply with ruling. [Ars Technica] [PocketNow] [9to5Mac] [Engadget]

  • 25-02-2016: FBI director admits Apple encryption case could set legal precedent. [HardOCP] [The Guardian] [NZ Herald]

  • 25-02-2016: Microsoft voices its support for Apple. [PocketNow] [Bloomberg] [Engadget]

  • 25-02-2016: If the FBI thinks iPhones are hard to crack now, wait until Apple further upgrades security. [PocketNow] [NYT]

  • 25-02-2016: Apple, FBI talks need engineers. [EETimes]

  • 25-02-2016: 'Hard questions' in Apple phone row. [BBC News]

  • 24-02-2016: Tim Cook: An iPhone master key would be the 'software equivalent of cancer'. [Gizmodo]

  • 24-02-2016: Tim Cook: Unlocking terrorist's iPhone would be 'bad for America'. [Engdaget] [BBC News] [Gizmodo]

  • 24-02-2016: The Apple-FBI fight isn’t about privacy vs. security. [Wired]

  • 24-02-2016: How Apple could be punished for defying the FBI. [HardOCP] [FastCompany]

  • 24-02-2016: Apple fans don't actually care about the whole FBI iPhone thing. [Gizmodo]

  • 24-02-2016: Apple reveals other FBI demands for iPhone unlocking around US. [Stuff]

  • 24-02-2016: Americans back FBI, not Apple in iPhone case. [NZ Herald]

  • 23-02-2016: Apple fans take iPhone unlock protest to FBI HQ. [The Register]

  • 23-02-2016: iPhone unlocking case about setting a precedent, despite what the FBI says. [THG]

  • 23-02-2016: Bill Gates denies iPhone crack demand would set precedent. [The Register] [Engadget] [Gizmodo] [PocketNow] [HardOCP] [Bloomberg] [Stuff]

    • 23-02-2016: Bill Gates is really upset that you all thought he was on the Feds' side. [The Register]

  • 23-02-2016: Only losers in the iPhone backdoor saga. [NZ Herald]

  • 23-02-2016: Latest in Apple v FBI public squabble over iPhone 'precedent'. [The Register]

  • 22-02-2016: How the FBI could use acid and lasers to access data stored on seized iPhone. [Ars Technica]

  • 22-02-2016: Zuckerberg supports Apple in fight with FBI over iPhone privacy. [Wired]

  • 22-02-2016: The lowdown on the Apple-FBI showdown. [Krebs]

  • 22-02-2016: FBI chief 'not trying to set precedent' with shooter's iPhone. [Engadget] [Gizmodo]

  • 22-02-2016: The natural outcome of the encryption wars in the U.S. [HardOCP] [Daniel Miessler]

  • 22-02-2016: Decrypting an iPhone for the FBI. [Schneier]

  • 21-02-2016: The San Bernardino iPhone: FBI dismisses iCloud siphoning as victims side against Apple. [PocketNow]

  • 21-02-2016: If FBI busts into seized iPhone, it could get non-iCloud data, like Telegram chats. [Ars Technica]

  • 21-02-2016: Apple vs. FBI: should Apple be required to unlock a terrorist’s iPhone? [PocketNow]

  • 20-02-2016: Senate intel chief backs off on bill criminalizing refusal to aid decryption. [Ars Technica]

  • 19-02-2016: Feds say Apple's stand against the FBI is just a PR stunt. [Gizmodo] [ExtremeTech]

  • 19-02-2016: DoJ files motion to force Apple to hack iPhone in San Bernardino case. [Wired] [Ars Technica] [Engadget]

  • 19-02-2016: Apple says the government bungled its chance to get that iPhone’s data. [Wired] [Ars Technica] [Gizmodo]

    • 19-02-2016: San Bernardino County calls the FBI liars over terrorist's iCloud account. [Gizmodo]

    • 21-02-2016: FBI confirms it screwed up and reset shooter’s iCloud password. [HardOCP] [Business Insider] [The Register]

  • 19-02-2016: Apple hires free-speech lawyers as Justice Department moves to force Apple’s compliance. [PocketNow] [CNBC] [Reuters]

  • 18-02-2016: Encryption isn’t at stake, the FBI knows Apple already has the desired key. [Ars Technica]

  • 18-02-2016: Apple’s FBI battle is complicated - here’s what’s really going on. [Wired] [Engadget] [NZ Herald]

  • 18-02-2016: Apple vs. the FBI may not be a war Apple can win. [HardOCP] [ZDNet]

  • 18-02-2016: McAfee will break iPhone crypto for FBI in 3 weeks or eat shoe on live TV. [Ars Technica] [HardOCP] [Business Insider] [BBC News]

    • 19-02-2016: Good luck John McAfee, socially engineering a corpse. [Graham Cluley]

    • 07-03-2016: John McAfee lied about being able to hack iPhone. [HardOCP] [DailyDot]

    • 10-03-2016: John McAfee tells Ars he’s fighting a lonely battle, but he’s not lying. [Ars Technica]

  • 18-02-2016: Apple vs the FBI - a plain English guide. [BBC News]

  • 18-02-2016: Apple vs FBI: what would you do? [EETimes]

  • 18-02-2016: Google CEO: FBI's request of Apple could set a 'troubling precedent'. [Engadget] [Gizmodo] [ExtremeTech]

  • 18-02-2016: Why the FBI forcing Apple to break into an iPhone is a big deal. [Stuff] [Gizmodo] [NZ Herald]

  • 17-02-2016: Why Tim Cook is right to call court-ordered iPhone hack a “backdoor". [Ars Technica]

  • 17-02-2016: Tim Cook: FBI backdoor order is 'chilling' and 'dangerous'. [Engadget]

  • 17-02-2016: Apple/FBI/encryption Q&A. [The Register]

  • 17-02-2016: FBI iPhone unlock order reaction: Trump, Rubio say no to Apple. EFF and Twitter say yes. [The Register]

    • 14-03-2016: Donald Trump drops Apple boycott, John Oliver perfectly summarizes encryption controversy. [PocketNow]

  • 17-02-2016: Apple and the FBI: intended and unintended consequences of an iPhone backdoor. [THG]

  • 17-02-2016: Why Apple is fighting back. [ReadWriteWeb]

  • 17-02-2016: Apple will fight US gov’t over court-ordered iPhone backdoor. [Ars Technica] [PocketNow] [BBC News] [Stuff] [Wired] [Gizmodo] [ExtremeTech]

  • 16-02-2016: Judge: Apple must help FBI unlock San Bernardino shooter’s iPhone. [Ars Technica] [Stuff] [NZ Herald] [Schneier]

2015 – Shellshock

  • 03-10-2016: Shellshock two years on – has your company forgotten about it? [BitDefender]

  • 15-12-2014: Worm exploits nasty Shellshock bug to commandeer network storage systems. [Ars Technica]

  • 28-10-2014: Shellshock over SMTP attacks mean you can now ignore your email. [The Register]

  • 16-10-2014: Ghost in the (Bourne Again) Shell: fallout of Shellshock far from over. [Ars Technica]

  • 07-10-2014: Yahoo hacked using Shellshock flaw. [Stuff] [The Register] [The Independent] [NZ Herald] [DC Knowledge]

    • 07-10-2014: Yahoo denies Shellshock hack, blames breach on copycat code. [ReadWriteWeb]

    • 08-10-2014: Yahoo told to “pull your pants up” after Shellshock hack claims. [Graham Cluley]

    • 08-10-2014: FBI pays visit to researcher who revealed Yahoo hack. [Wired]

  • 03-10-2014: Bored hackers flick Shellshock button to OFF as payloads shrink. [The Register]

  • 02-10-2014: Everything you need to know about the Shellshock bug. [ReadWriteWeb]

  • 02-10-2014: What Shellshock has done so far. [ReadWriteWeb]

  • 01-10-2014: Shellshock attacks could already top 1 Billion. [HardOCP] [SecurityWeek]

  • 01-10-2014: Shellshock fixes beget another round of patches as attacks mount. [Ars Technica]

  • 30-09-2014: Inside Shellshock: how hackers are using it to exploit systems. [CloudFlare]

  • 30-09-2014: OpenVPN open to pre-auth Bash Shellshock bug . [The Register]

  • 30-09-2014: New security flaws render Shellshock patch ineffective. [ReadWriteWeb]

  • 29-09-2014: Shellshock makes Heartbleed look insignificant. [ZDNet]

  • 29-09-2014: Fortune 1000 outfits Bash out batches of patches. [The Register]

  • 29-09-2014: Shellshock: 'Larger scale attack' on its way, warn securo-bods. [The Register]

  • 29-09-2014: The Internet is broken, and Shellshock is just the start of our woes. [Wired] [Stuff]

  • 28-09-2014: The Shellshock command security flaw isn't really fixed yet. [Engadget]

  • 27-09-2014: FireEye observes significant amount of malicious traffic leveraging Shellshock bug in Bash, suspects this is a dry run before a potentially larger-scale attack. [FireEye]

  • 27-09-2014: The man who found the web's 'most dangerous' bug. [Stuff]

  • 27-09-2014: Still more vulnerabilities in bash? Shellshock becomes whack-a-mole. [Ars Technica]

  • 27-09-2014: Oracle shell-shocked by Bash bug. [The Register]

  • 25-09-2014: The Internet braces for the crazy Shellshock worm. [Wired]

  • 25-09-2014: Bash bug: Shellshocked yet? You will be ... when this goes WORM. [The Register]

  • 25-09-2014: First attacks using 'shellshock' Bash bug discovered. [ZDNet] [Ars Technica] [Wired]

  • 25-09-2014: The Shellshock Bash bug – what is it, and are your computers vulnerable? [Graham Cluley] [Schneier] [Krebs] [Gizmodo] [The Register] [Errata Security] [Engadget] [DC Knowledge] [NYT] [NZ Herald]

2015 – Hacking Team

  • 07-07-2017: Hacking Team is back. [Engadget]

  • 13-04-2017: Callisto Group snoopers wreak havoc with leaked HackingTeam spyware. [The Register]

  • 17-04-2016: This hacker's account of how he infiltrated Hacking Team says a lot about digital security. [Gizmodo] [Pastebin] [Ars Technica] [Schneier]

  • 07-04-2016: Hacked spyware firm Hacking Team dealt a further blow. [Graham Cluley] [The Register]

  • 29-02-2016: Largely undetected Mac malware suggests disgraced HackingTeam has returned. [Ars Technica] [Engadget]

  • 30-10-2015: Hacking Team offers encryption breaking tools to law enforcement. [Engadget]

  • 27-07-2015: Hacking Team's purchasing of zero-day vulnerabilities. [Schneier] [tsyrklevich]

  • 24-07-2015: Hacking Team leak shows how secretive zero-day exploit sales work. [Wired]

  • 23-07-2015: Advanced spyware for Android now available to script kiddies everywhere. [Ars Technica] [THG] [The Register]

  • 23-07-2015: Hacking Team may not have had a backdoor, but it could kill client installs. [Ars Technica]

  • 22-07-2015: Security tool bod's hell: People think I wrote code for Hacking Team! [The Register]

  • 22-07-2015: Hacking Team: it’s not us who’ve actually sinned. [The Register]

  • 21-07-2015: Researcher takes umbrage after finding his code in Hacking Team malware. [Ars Technica]

  • 21-07-2015: Hacking Team goes to war against former employees, suspects some helped hackers. [Ars Technica] [HardOCP]

  • 20-07-2015: How was Hacking Team hacked? [Graham Cluley]

  • 20-07-2015: The Hacking Team Android malware app that waltzed past Google Play’s security checks. [Graham Cluley]

  • 20-07-2015: Hacking Team hackers questioned over Hacking Team hack. [The Register]

  • 18-07-2015: Hacking Team apparently violated EU rules in sale of spyware to Russian agency. [Ars Technica]

  • 17-07-2015: Hacking Team’s evil Android app had code to bypass Google Play screening. [Ars Technica]

  • 14-07-2015: I worked at Hacking Team, my emails were leaked, and I’m OK with that. [Gizmodo]

  • 14-07-2015: Hacking Team broke Bitcoin secrecy by targeting crucial wallet file. [Ars Technica]

  • 14-07-2015: Hacking Team spyware rootkit: Even a new hard drive wouldn't get rid of it. [The Register]

  • 14-07-2015: Hacking Team touts new spyware suite, calls leaks now “obsolete”. [Ars Technica] [The Register]

  • 13-07-2015: Hacking Team used spammer tricks to resurrect spy network. [Krebs]

  • 12-07-2015: Hacking Team orchestrated brazen BGP hack to hijack IPs it didn’t own. [Ars Technica]

  • 12-07-2015: Hacking Team chief: 'We're the GOOD GUYS fighting crims and rooting out lone wolves'. [The Register]

  • 10-07-2015: Now you can explore Hacking Team's world of selling spyware. [Engadget]

  • 10-07-2015: Hacking Team shows the world how not to stockpile exploits. [Wired]

  • 10-07-2015: How a Russian hacker made $45,000 selling a 0-day Flash exploit to Hacking Team. [Ars Technica]

  • 09-07-2015: How spyware peddler Hacking Team was publicly dismantled. [Engadget]

  • 09-07-2015: Hacking Team's email archive - now searchable online. [Graham Cluley]

  • 09-07-2015: Days after Hacking Team breach, nobody fired, no customers lost. [Ars Technica]

  • 09-07-2015: Despite Hacking Team’s poor opsec, CEO came from early days of PGP. [Ars Technica]

  • 08-07-2015: Hacking Team's lame excuse for selling digital weapons to Sudan. [Gizmodo]

  • 08-07-2015: Hacking Team exploit is in the wild. [The Register]

  • 07-07-2015: Massive leak reveals Hacking Team’s most private moments in messy detail. [Ars Technica]

  • 07-07-2015: Hacking Team tells government customers to stop using its spyware, following hack. [Graham Cluley] [The Register] [Schneier] [Motherboard]

  • 06-07-2015: Lesson #1 from the Hacking Team hack: Choose strong passwords. [Graham Cluley]

  • 06-07-2015: Hacking Team breach shows a global spying firm run amok. [Wired] [Gizmodo] [ExtremeTech]

  • 06-07-2015: The FBI spent $775K on Hacking Team’s spy tools since 2011. [Wired]

  • 06-07-2015: Hacking Team hacked. [Graham Cluley] [BBC News] [Schneier] [HardOCP] [ZDNet] [Ars Technica] [Stuff]

2014 – Heartbleed

  • 13-06-2017: Heartbleed still hurting hard. [Graham Cluley]

  • 01-02-2017: Heartbleed remains unpatched on thousands of servers. [DC Knowledge]

  • 23-01-2017: Heartbleed is not dead - and isn't likely to be any time soon. [Graham Cluley]

  • 15-09-2015: Heartbleed is far from dead. 200,000+ vulnerable devices on the internet. [Graham Cluley] [The Register]

  • 08-04-2015: Most top corporates still Heartbleeding over the internet. [The Register]

  • 10-11-2014: Sysadmins disposed of Heartbleed certs, but forgot to flush. [The Register]

  • 10-10-2014: How an engineer uncovered Heartbleed. [Stuff]

  • 30-09-2014: The weird way the Heartbleed bug made the web more secure. [Wired]

  • 28-08-2014: Months later, Heartbleed hack still a threat. [Stuff] [Ars Technica]

  • 20-08-2014: Heartbleed blamed for Chinese theft of 4.5 million health records. [Engadget] [Graham Cluley]

  • 23-07-2014: Google banks on its own tech to protect Chrome users from another Heartbleed. [Engadget] [Ars Technica] [The Register]

  • 24-06-2014: Heartbleed: hundreds of thousands vulnerable. [Stuff]

  • 22-06-2014: More than half of Heartbleed-vulnerable servers are still exposed. [Gizmodo]

  • 10-06-2014: After Heartbleed, we're overreacting to bugs that aren't a big deal. [Wired]

  • 05-06-2014: Heartbleed redux: another gaping wound in web encryption uncovered. [Wired] [Gizmodo] [Android Police] [Stuff] [The Register] [Ars Technica] [Engadget] [BBC News] [BGR] [Lumension]

  • 05-06-2014: Thanks for nothing OpenSSL, cries stonewalled De Raadt, [The Register]

  • 04-06-2014: The human side of Heartbleed. [Schneier]

  • 03-06-2014: Heartbleed happened – what you can do to stay proactive. [DC Knowledge]

  • 02-06-2014: Meet “Cupid,” the Heartbleed attack that spawns “evil” Wi-Fi networks. [Ars Technica]

  • 21-05-2014: Heartbleed showed us how shockingly lazy people are with their passwords. [BGR]

  • 09-05-2014: Heartbleed clean-up leaves thousands of servers vulnerable. [HardOCP] [ZDNet] [BGR]

  • 09-05-2014: Sysadmins adding Heartbleed to servers. [The Register]

  • 08-05-2014: 300k servers vulnerable to Heartbleed one month later. [Errata Security]

  • 05-05-2014: How to bypass the threat from Heartbleed. [Stuff]

  • 30-04-2014: Google Chrome protection for Heartbleed-hacked sites called “completely broken”. [Ars Technica]

  • 29-04-2014: Why the NSA might not say anything about the next ‘Heartbleed’. [BGR]

  • 28-04-2014: It's crazy what can be hacked thanks to Heartbleed. [Wired]

  • 28-04-2014: Exterminating Heartbleed: how to clear it out of your data center. [ReadWriteWeb]

  • 28-04-2014: The team in charge of OpenSSL: two guys named Steve. [Gizmodo]

  • 28-04-2014: How I used Heartbleed to steal a site’s private crypto key. [Ars Technica]

  • 25-04-2014: Post-Heartbleed: what should you be doing about passwords? [Graham Cluley]

  • 24-04-2014: Tech giants, chastened by Heartbleed, finally agree to fund OpenSSL. [Ars Technica] [The Register] [Trusted Reviews] [Wired]

  • 23-04-2014: Life after Heartbleed: ‘The Internet will never be 100% safe’. [BGR]

  • 23-04-2014: Developers: Heartbleed-affected OpenSSL code is beyond repair. [Gizmodo]

  • 22-04-2014: Apple mends a Heartbleed security bug in its latest WiFi routers. [Engadget]

  • 22-04-2014: Dan Geer on Heartbleed and software monocultures. [Schneier] [LawFare]

  • 22-04-2014: Fixing OpenSSL's Heartbleed flaw will take months, warns Secunia. [The Register]

  • 22-04-2014: How Heartbleed transformed HTTPS security into the stuff of absurdist theater. [Ars Technica]

  • 19-04-2014: Heartbleed maliciously exploited to hack network with multifactor authentication. [Ars Technica]

  • 18-04-2014: The Open Source Initiative hopes public awareness is Heartbleed's 'silver lining'. [Engadget]

  • 18-04-2014: Reverse Heartbleed. [Schneier] [Meldium]

  • 18-04-2014: How Apple dodged the Heartbleed bullet. [AppleInsider]

  • 18-04-2014: Now there’s an easy way to flag sites vulnerable to Heartbleed. [Ars Technica] [Netcraft]

  • 17-04-2014: OpenSSL Heartbleed bug sniff tools are 'buggy'. [The Register]

  • 17-04-2014: Nasty Heartbleed bug exposes OpenVPN private keys too. [Ars Technica]

  • 16-04-2014: Not even Tor can keep you safe from Heartbleed. [BGR]

  • 16-04-2014: This reader mocked Heartbleed, posted his passwords online -- guess what happened next. [HardOCP] [Washington Post]

  • 16-04-2014: Heartbleed hack case sees first arrest in Canada. [BBC News] [HardOCP] [Reuters] [Ars Technica] [Graham Cluley] [Engadget]

  • 16-04-2014: Heartbleed's network effect. [Network Computing]

    • 17-04-2014: Heartbleed bug sends bandwidth costs skyrocketing. [Wired]

  • 15-04-2014: Why you should expect your favorite websites to crash over the next few weeks. [BGR]

  • 15-04-2014: Heartbleed disclosure timeline: who knew what and when. [SMH]

  • 15-04-2014: Hardware giant LaCie acknowledges year-long credit card breach. [Krebs]

  • 15-04-2014: Here are all the passwords you need to change right now because of Heartbleed. [BGR]

  • 15-04-2014: Google knew about Heartbleed for around a month and never told anyone. [BGR]

  • 15-04-2014: Akamai scoffs humble pie: Heartbleed defence crumbles, new SSL keys for customers. [The Register]

  • 15-04-2014: After Heartbleed, why forward secrecy is more important than ever. [ReadWriteWeb]

  • 15-04-2014: Heartbleed fallout may 'slow' browsing speeds. [BBC News]

  • 15-04-2014: Vicious Heartbleed bug bites millions of Android phones, other devices. [Ars Technica] [Graham Cluley] [BGR]

  • 14-04-2014: The NSA issues its own suggestions for avoiding lost Heartbleed data. [Engadget] [BGR]

  • 14-04-2014: Heartbleed SSL bug, DNS and the perils of a monoculture. [Secure64]

  • 14-04-2014: Seven Heartbleed myths debunked. [ReadWriteWeb]

  • 14-04-2014: How the Heartbleed bug reveals a flaw in online security. [NZ Herald]

  • 14-04-2014: Heartbleed exploit, patch, both released. [The Register]

  • 13-04-2014: It’s not a fun week to work at OpenSSL. [Ars Technica]

  • 12-04-2014: What is Heartbleed anyway? [Engadget]

  • 12-04-2014: Tech companies could force NSA reform if they wanted to. Why haven't they? [BoingBoing]

  • 12-04-2014: Heartbleed developer explains OpenSSL mistake that put web at risk. [Ars Technica]

  • 11-04-2014: Answering the critical question: can you get private SSL keys using Heartbleed? [CloudFlare]

  • 11-04-2014: Reaction on “Heartbleed”: working together to mitigate cybersecurity vulnerabilities. [DHS] [BBC News]

  • 11-04-2014: More on Heartbleed. [Schneier]

  • 11-04-2014: NSA exploited Heartbleed to siphon passwords for two years. [Wired] [GottaBeMobile] [ReadWriteWeb] [HardOCP] [Bloomberg] [BGR] [Engadget] [Gizmodo] [HotForSecurity] [ExtremeTech]

  • 11-04-2014: How Heartbleed broke the Internet, and why it can happen again. [Wired]

  • 11-04-2014: It may be ILLEGAL to run Heartbleed health checks – IT lawyer. [The Register] [BGR]

  • 11-04-2014: Heartbleed bug explained by xkcd in a way anyone can understand. [Graham Cluley] [Gizmodo] [BoingBoing] [Engadget]

  • 11-04-2014: In the wake of Heartbleed, watch out for phishing attacks, disguised as password reset emails. [HotForSecurity]

  • 11-04-2014: Man who introduced serious 'Heartbleed' security flaw denies he inserted it deliberately. [SMH]

    • 11-04-2014: 'Simple error' behind Heartbleed bug. [Stuff]

  • 10-04-2014: Heartbleed SSL flaw angst aggravated by broken disclosure process. [eWeek]

  • 10-04-2014: Heartbleed will cause issues with obscure OpenSSL use cases. [PacketU]

  • 10-04-2014: Heartbleed bug hits at heart of many Cisco, Juniper products. [Network World] [Engadget] [Gizmodo]

    • 11-04-2014: Cisco finds 13 products (so far) vulnerable to Heartbleed - including phones. [Ars Technica]

    • 11-04-2014: Heartbleed - what's next? Check your clients, routers, virtual machines And VPNs. [ReadWriteWeb] [Stuff]

    • 12-04-2014: Juniper issues Heartbleed security alert for VPN, switches. [Ars Technica]

    • 14-04-2014: Networking vendors issue Heartbleed fixes. [Network Computing]

  • 10-04-2014: This list reveals the Heartbleed-affected passwords to change now. [Lifehacker] [Mashable] [Gizmodo]

    • 10-04-2014: Heartbleed: which passwords you should change right now. [ExtremeTech]

  • 10-04-2014: Here’s some really bad Heartbleed bug advice about changing your passwords. [Graham Cluley]

  • 10-04-2014: Heartbleed bug: what you need to know. [BBC News] [Krebs] [ReadWriteWeb] [Trusted Reviews]

  • 10-04-2014: Heartbleed bug creates confusion on internet. [BBC News] [Hexus] [Washington Post]

  • 10-04-2014: The simple security measures that could have stopped Heartbleed dead. [Gizmodo]

  • 10-04-2014: Heartbleed vulnerability may have been exploited months before patch. [Ars Technica]

  • 10-04-2014: How Heartbleed works: the code behind the Internet's security nightmare. [Gizmodo]

  • 10-04-2014: Why the internet's security hole is so scary. [Stuff]

  • 09-04-2014: The real threat from the Heartbleed security flaw is the NSA. [BuzzFeed] [Wired]

  • 09-04-2014: What the Heartbleed bug is, and how you can protect yourself. [ExtremeTech]

  • 09-04-2014: What to do about Heartbleed, the massive security bug that affects us all. [BGR] [Engadget] [GottaBeMobile]

  • 09-04-2014: Public urged to reset all passwords. [HardOCP] [BBC News] [NYT] [Wired]

  • 09-04-2014: Anatomy of OpenSSL's password, crypto-key leaking bug. [The Register]

  • 09-04-2014: Did the Heartbleed bug leak your Yahoo password? [Graham Cluley]

  • 09-04-2014: Critical crypto bug exposes Yahoo Mail, other passwords Russian roulette-style. [Ars Technica]

  • 08-04-2014: How to protect against the Heartbleed security bug. [GottaBeMobile]

  • 08-04-2014: Critical crypto bug in OpenSSL opens two-thirds of the Web to eavesdropping. [Ars Technica] [ReadWriteWeb] [cNet] [Heartbleed] [Stuff] [NZ Herald] [Schneier]

2013 – Silk Road

The untold story of Silk Road. [Wired: part 1, part 2]

  • 05-11-2020: The feds just seized Silk Road’s $1 billion stash of bitcoin. [Ars Technica]

  • 12-04-2019: Silk Road 2 founder sentenced five years after the site was shut down. [Engadget] [The Register] [BBC News]

  • 29-01-2019: Undercover agent tells all: I helped catch Silk Road boss Ross Ulbricht. [The Register]

  • 18-09-2017: Feds in California are aggressively going after Silk Road, AlphaBay vendors. [Ars Technica]

  • 19-08-2017: Silk Road: Google search unmasked Dread Pirate Roberts. [BBC News]

  • 15-08-2017: Secret Service agent, corrupted by Silk Road case, cops to second heist. [Ars Technica]

  • 31-05-2017: Appeals court upholds Ross Ulbricht’s life sentence for creating Silk Road. [Ars Technica] [Wired] [The Register] [Engadget]

  • 23-05-2017: The Silk Road creator's life sentence actually boosted dark web drug sales. [Wired]

  • 06-10-2016: Judges question Ross Ulbricth's life sentence in Silk Road appeal. [Wired]

  • 08-09-2016: Thai prison interview with the alleged top advisor to Silk Road. [Ars Technica]

  • 23-08-2016: The Feds just turned a $1.6 million profit on seized Silk Road Bitcoin. [Gizmodo]

  • 22-08-2016: Irish man said to be Silk Road’s “Libertas” fights to stay out of US prison. [Ars Technica]

  • 14-08-2016: Irish court orders alleged Silk Road admin to be extradited to US. [Ars Technica]

  • 12-08-2016: Post-Silk Road, Feds bust chaps for 'dealing heroin, coke' on world's largest dark web souk. [The Register]

  • 27-07-2016: The Silk Road takedown, and why hosts should know their local FBI agent. [DC Knowledge]

  • 04-07-2016: Corrupt agent who investigated Silk Road is suspected of another $700k heist. [Ars Technica]

  • 18-06-2016: Silk Road prosecutors argue Ross Ulbricht doesn’t deserve a new trial. [Wired] [Ars Technica]

  • 03-06-2016: Second-in-command at Silk Road 2.0 sentenced to 8 years in prison. [Ars Technica] [Engadget] [BBC News]

  • 04-04-2016: Top Silk Road 2.0 admin “DoctorClu” pleads guilty, could face 8 years in prison. [Ars Technica]

  • 17-03-2016: Drug reform groups blast Silk Road founder Ross Ulbricht’s life sentence. [Ars Technica]

  • 14-01-2016: The Silk Road's dark-web dream is dead. [Wired]

  • 13-01-2016: Ross Ulbricht appeals his Silk Road conviction. [Engadget] [The Register] [Ars Technica]

  • 27-12-2015: The Silk Road bust almost didn't happen. [Engadget]

  • 08-12-2015: Six years in the slammer for SilkRoad-skimming secret agent [The Register] [BBC News]

  • 06-12-2015: Ross Ulbricht’s alleged top confidant, Variety Jones, arrested in Thailand. [Ars Technica] [Engadget] [BBC News] [The Register]

    • 10-12-2015: Thai police: Suspected Silk Road consigliere to be sent to US soon. [Ars Technica]

  • 20-10-2015: Corrupt Silk Road agent Carl Force sentenced to 78 months. [Ars Technica] [Engadget] [The Register]

  • 12-08-2015: Crackdowns haven't stopped the dark web's $100M yearly drug sales. [Wired]

  • 22-07-2015: Silk Road heroin dealer who helped convict Ulbricht will serve 2.5 years. [Ars Technica] [Engadget] [BBC News]

  • 09-07-2015: Silk Road creator Ulbricht, an “eternal optimist,” writes a letter from prison. [Ars Technica]

  • 02-07-2015: Corrupt Silk Road investigator pleads guilty, admits to $240K movie deal. [Ars Technica] [Gizmodo] [BBC News] [Engadget]

    • 13-07-2015: DEA agent slugged a million dollars for Silk Road snipe. [The Register]

  • 23-06-2015: Slippery Silk Road spook will plead guilty to duping dealers. [The Register]

  • 18-06-2015: Secret Service agent who stole $820K from Silk Road pleads guilty. [Ars Technica]

  • 08-06-2015: Feds want to ID web trolls who ‘threatened’ Silk Road judge. [Wired] [Ars Technica]

  • 31-05-2015: Meet the major Silk Road dope dealer who only got 10 years in prison. [Ars Technica]

    • 02-06-2015: The Dark Web drug lords who got away. [Wired]

  • 29-05-2015: What Deep Web's director learned investigating Silk Road. [Wired]

  • 29-05-2015: The Silk Road saga is way more than a crime story. [Wired]

  • 22-05-2015: Silk Road Survival: In conversation with 'Deep Web' director Alex Winter. [Engadget]

  • 18-05-2015: Ahead of sentencing, Ulbricht defense argues Silk Road made drug use safer. [Wired] [Ars Technica] [HardOCP]

  • 29-04-2015: How the feds staged torture, murder of a Silk Road staffer. [Ars Technica]

  • 27-04-2015: Silk Road judge denies retrial despite agents’ alleged corruption. [Wired] [HardOCP] [Reuters] [The Register] [Gizmodo] [Engadget]

  • 01-04-2015: Silk Road boss' first murder-for-hire was his mentor's idea. [Wired]

  • 31-03-2015: Two feds who investigated Silk Road accused of stealing from it. [Ars Technica] [HardOCP] [NYT] [BBC News] [Engadget] [The Register] [BoingBoing] [ExtremeTech] [NZ Herald]

    • 01-04-2015: Disgraced DEA agent from Silk Road case sent weird messages to Mt. Gox CEO. [Ars Technica]

    • 02-04-2015: New Silk Road docs show how site got looted by cop who hijacked dealers’ accounts. [Ars Technica]

  • 30-03-2015: The bizarre schemes of the Silk Road investigator who broke bad. [Gizmodo]

  • 22-03-2015: Silk Road seller 'blew through all that money using drugs and going to strip clubs'. [The Register]

  • 20-03-2015: Silk Road coder turned dealer turned informant gets five years. [The Register] [Ars Technica]

  • 16-03-2015: Silk Road moderator “Samesamebutdifferent” pleads guilty, faces life in prison. [Ars Technica] [The Register] [BBC News] [HardOCP]

  • 08-03-2015: Convicted Silk Road mastermind Ross Ulbricht demands retrial. [Ars Technica] [Gizmodo] [HardOCP] [cNet] [Wired]

    • 09-03-2015: Why a Silk Road retrial is necessary. [Gizmodo]

  • 08-02-2015: Anonymity is dead and other lessons from the Silk Road trial. [Engadget]

  • 06-02-2015: Copycat site mourns Silk Road verdict, blames Ulbricht’s bad opsec. [Ars Technica]

  • 23-01-2015: I2P: the super-anonymous network that Silk Road calls home. [Gizmodo]

  • 21-01-2015: Alleged “right hand man” to Silk Road 2.0 leader arrested in Seattle. [Ars Technica] [BBC News] [The Register]

  • 11-01-2015: Silk Road Reloaded ditches Tor for a more anonymous network. [Gizmodo] [HardOCP] [Ars Technica]

  • 11-01-2015: Who was Silk Road’s Dread Pirate Roberts? As trial nears, a jury will decide. [Ars Technica] [The Register]

    • 13-01-2015: Trial of accused Silk Road mastermind Ross Ulbricht begins. Here's why you should care. [BoingBoing] [Wired]

    • 14-01-2015: Ulbricht admits founding the site, but says he isn’t DPR. [Ars Technica] [The Daily Dot] [Wired] [The Register] [Gizmodo]

    • 14-01-2015: Undercover agent reveals how he helped the FBI trap Silk Road’s Ross Ulbricht. [Wired] [Ars Technica]

    • 15-01-2015: Defense bombshell in Silk Road trial: Mt. Gox founder “set up” Ulbricht. [Ars Technica]

    • 16-01-2015: Mt Gox Bitcoin baron: I was not Silk Road boss DPR. [The Register] [Ars Technica] [Motherboard] [HardOCP]

    • 21-01-2015: Ross Ulbricht’s family “shocked” that he created Silk Road. [Ars Technica]

    • 21-01-2015: Silk Road trial: defense struggles to show jury “alternative” DPRs. [Ars Technica] [Wired] [The Register]

    • 21-01-2015: Bitcoin exchange operator sentenced to 4 years for Silk Road transactions. [Wired]

    • 22-01-2015: Silk Road trial: FBI reveals what’s on Ross Ulbricht’s computer, in open court. [Ars Technica] [Wired]

    • 22-01-2015: Ulbricht confessed to running Silk Road, his college friend testifies. [Wired] [Ars Technica]

    • 27-01-2015: The incredibly simple story of how the gov’t Googled Ross Ulbricht. [Ars Technica]

    • 29-01-2015: Silk Road trial: Prosecutors compare Ulbricht’s e-mail with DPR’s online life. [Ars Technica]

    • 30-01-2015: Silk Road trial: How the Dread Pirate Roberts embraced violence. [Ars Technica]

    • 30-01-2015: Silk Road trial latest: Ulbricht's Gmail addy appeared on ad for 'Amazon.com for drugs'. [The Register] [Gizmodo]

    • 03-02-2015: Silk Road prosecutors complete the bizarre DPR murder-for-hire story. [Ars Technica]

    • 03-02-2015: Ulbricht tells judge: I’m not going to testify. [Ars Technica]

    • 03-02-2015: Silk Road defense makes its final pitch: don’t trust Internet evidence. [Wired]

    • 04-02-2015: Silk Road trial closes: “It’s a hacker! It’s a virus! It’s ludicrous.” [Ars Technica]

    • 04-02-2015: Ulbricht guilty in Silk Road online drug-trafficking trial [Ars Technica] [Gizmodo] [Wired] [BoingBoing] [The Register] [BBC News] [Engadget] [Stuff]

    • 05-02-2015: The Silk Road trial: Wired's gavel-to-gavel coverage. [Wired]

    • 08-02-2015: Anonymity is dead and other lessons from the Silk Road trial. [Engadget]

    • 09-02-2015: Dealer pleads guilty to selling drugs on the Silk Road. [Ars Technica]

    • 09-02-2015: The hitman scam: Dread Pirate Roberts’ bizarre murder-for-hire attempts. [Ars Technica]

    • 09-02-2015: Ross Ulbricht didn’t create Silk Road’s Dread Pirate Roberts. This guy did. [Wired]

  • 09-01-2015: Three reasons the Silk Road trial matters. [Wired]

  • 20-12-2014: After Silk Road takedowns, Dark Web drug sites still thriving. [Ars Technica]

  • 20-11-2014: How the Dark Web’s new favorite drug market is profiting from Silk Road 2’s demise. [Wired]

  • 17-11-2014: Silk Road 2.0 suspect’s Twitter account hijacked. [Ars Technica]

  • 14-11-2014: How a Russian dark web drug market outlived the Silk Road (and Silk Road 2). [Wired] [HardOCP]

  • 06-11-2014: Feds arrest alleged ‘Silk Road 2′ admin, seize servers. [Krebs] [HardOCP] [FBI] [Wired] [Ars Technica] [Engadget] [Gizmodo] [The Register] [Stuff] [BoingBoing]

    • 06-11-2014: Not just Silk Road 2: feds seize two other drug markets and counting. [Wired]

    • 07-11-2014: US Attorney’s office: Whoops, Silk Road 2.0 hired a fed. [Ars Technica]

    • 07-11-2014: Prosecutor: Silk Road 2.0 suspect “did admit to everything". [Ars Technica]

    • 07-11-2014: FBI: shutting down Silk Road 2 was just the start. [Gizmodo]

    • 07-11-2014: Brit cops nab six in Silk Road 2.0 drugs sting. [The Register]

    • 08-11-2014: Silk Road 2.0, infiltrated from the start, sold $8M per month in drugs. [Ars Technica]

    • 08-11-2014: Silk Road 3 is already up, but it's not the future of Darknet drugs. [Gizmodo]

    • 09-11-2014: The full list of Dark Net markets shut down by operation Onymous. [Gizmodo]

    • 10-11-2014: Silk Road, other Tor “darknet” sites may have been “decloaked” through DDoS. [Ars Technica]

    • 10-11-2014: Alleged Silk Road 2 mastermind worked for ex-Googler’s secret startup. [Wired]

    • 10-11-2014: Dark net experts trade theories on 'de-cloaking' after raids. [BBC News]

    • 10-11-2014: Dark net raids were 'overblown' by police, says Tor Project. [BBC News] [Tor Project]

    • 11-11-2014: Law enforcement seized Tor nodes and may have run some of its own. [Ars Technica]

    • 11-11-2014: The Tor Project still doesn't know how authorities compromised its anonymity. [ReadWriteWeb]

    • 11-11-2014: Accused Silk Road 2.0 kingpin was “very polite” techie, kept a Bible in his Tesla. [Ars Technica]

  • 02-10-2014: A year after the death of Silk Road, Darknet markets are booming. [The Atlantic]

  • 11-09-2014: How online black markets have evolved since Silk Road's downfall. [Wired]

  • 05-09-2014: The FBI finally says how it ‘legally’ pinpointed Silk Road’s server. [Wired] [Engadget] [Ars Technica]

    • 07-09-2014: Analyzing the FBI’s explanation of how they located Silk Road. [New Web Order]