The Trump administration has announced criminal charges and sanctions against nine Iranians accused of participating in a government-sponsored hacking scheme to steal sensitive information from hundreds of universities, private companies and US government agencies.

The nine defendants, accused of working at the behest of the Iranian government-tied Islamic Revolutionary Guard Corps, hacked the computer systems of about 320 universities in the United States and abroad to steal expensive research that was then used or sold for profit, prosecutors said. 

The Trump administration on Thursday blamed the Russian government for a campaign of cyber attacks stretching back at least two years that targeted the U.S. power grid, marking the first time the United States has publicly accused Moscow of hacking into American energy infrastructure.

Beginning in March 2016, or possibly earlier, Russian government hackers sought to penetrate multiple U.S. critical infrastructure sectors, including energy, nuclear, commercial facilities, water, aviation and manufacturing, according to a U.S. security alert published Thursday. 

Often, the best way to get something is to simply ask for it. That’s probably what the Israeli government thought when it sent an email to several American researchers and firms who make so-called zero-days, tools that take advantage of vulnerabilities in software that are unknown to the company that makes the software.

Experts have obtained a copy of the letter, which more than half a dozen sources described as unsolicited and unusual in how blunt and direct it was. Experts confirmed that at least five American firms received the letter, and multiple sources told us it was sent to many more.

Thousands of websites, including those belonging to NHS services, the Student Loans Company and several English councils, have been infected by malware that forces visitors’ computers to mine cryptocurrency while using the site.

Late on Sunday, the website of the UK’s data protection watchdog, the Information Commissioner’s Office, was taken down to deal with the issue after it was reportedly infected by the malware. The cryptojacking script was inserted into website codes through BrowseAloud, a popular plugin that helps blind and partially-sighted people access the web. More than 5,000 websites have been flooded by the malware. 

A computer security exploit developed by the US National Security Agency and leaked by hackers last year is now being used to mine cryptocurrency, and according to cybersecurity experts the number of infections is rising.

Last April, a hacking group called the Shadow Brokers leaked EternalBlue, a Windows exploit that was developed by the NSA. Less than a month later, EternalBlue was used to unleash a devastating global ransomware attack called WannaCry that infected more than 230,000 computers in 150 countries. A month later, in June, the EternalBlue exploit was again used to cripple networks across the world in an even more sophisticated attack. 

Donald Trump’s national security team is looking at options to counter the threat of China spying on US phone calls that include the government building a super-fast 5G wireless network. The official said the option was being debated at a low level in the administration and was six to eight months away from being considered by the president himself. 

The 5G network concept is aimed at addressing what officials see as China’s threat to US cyber security and economic security. The Trump administration has taken a harder line on policies initiated by predecessor Barack Obama on issues ranging from Beijing’s role in restraining North Korea to Chinese efforts to acquire US strategic industries. 

Sensitive information about the location and staffing of military bases and spy outposts around the world has been revealed by a fitness tracking company.

The details were released by Strava in a data visualisation map that shows all the activity tracked by users of its app, which allows people to record their exercise and share it with others. The map, released in November 2017, shows every single activity ever uploaded to Strava – more than 3 trillion individual GPS data points, according to the company. The app can be used on various devices including smartphones and fitness trackers like Fitbit to see popular running routes in major citie. 

A Defense Department report found that 165 defense contractors had their initial security clearances revoked last year after further investigation linked the recipients to problematic or illicit activity, including questionable financial transactions, influence by foreign governments and even felonies like pedophilia.

The report, which will be released Wednesday, shows how it is possible for people who have been compromised or who have criminal backgrounds to slip through the cracks of the preliminary background investigation and obtain access to sensitive national security-related information. 

A state law enforcement officer, apparently without the knowledge of his own agency, purchased malware that can intercept social media messages, emails, and much more.

Although it’s unclear why the investigator bought the malware, which requires physical access to a smartphone to install, this is the first known case of a US state law enforcement officer purchasing such a tool. In a similar way to how surveillance technology such as Stingrays has trickled down to local agencies, the news highlights how spying software is not limited to federal agencies such as the FBI or DEA, but has spread, in some form, to more regional forces.

There’s more misery ahead for Huawei, which just saw AT&T pull out of a deal to carry its first smartphone, and fellow Chinese tech firm ZTE.

The duo are well known for their growing smartphone businesses worldwide, but it is their more established telecom networking and equipment units that are again under fire in Washington. A new bill introduced to Congress proposes a ban preventing branches of the U.S. government from working with service providers that use any equipment from either company for security reasons. The bill is sponsored by Texas-based Republican Michael Conaway, who is leading the investigation into Russia’s alleged election interference.