Kim Zetter

Reporter covering cybersecurity/privacy. Author of COUNTDOWN TO ZERO DAY: Stuxnet and the Launch of the World's First Digital Weapon. Signal user.

DoJ announces that it has found and recaptured the majority of the ransom that Colonial Pipeline paid.

Substack has announced the 12 winners of its local journalism initiative that will fund independent journos from around the world for 1 year. Winners are based in Romania, Nigeria, Brazil, Taiwan, the UK, Australia and the US.

Do any Turkish journalists follow me? Have a question - DMs open

Adding to previous reports that DoJ had seized phone records of WaPo reporters, the NYT now says DoJ also secretly seized phone records of four NYT reporters spanning Jan 14-Apr 30, 2017: Matt Apuzzo, Adam Goldman, Eric Lichtblau and Michael S. Schmidt.

Let's talk about why journalist phone records from 2017 were still available to be seized 3 yrs later in 2020. Carriers vary in how long they retain call history. Verizon/AT&T retain 7yrs; T-Mobile 23 months; Sprint 18 months, but you can get copy of bills going back 7-10 yrs.

Really thoughtful explanation from @ProPublica about why they're publishing tax info for the wealthiest Americans, which they received from an anonymous source. They considered that the info might come from "a state actor hostile to American interests."

In ransom talks "everything moves. The business value—the why should we do this? What’s the value of it?—that changes every 12 hrs…. The final decision to actually pay, that only happens at the very end" when you've determined you can't recover data


Georgetown law school has created a fact sheet for all 50 states explaining the laws barring unauthorized private militia groups and what to do if groups of armed individuals show up near a polling place or voter registration drive.

Someone asked me to provide a simple description of what this SolarWinds hack is all about. So for anyone who is confused by the technical details, here's a thread with a simplified explanation of what happened and what it means.

@CNN has now confirmed what I wrote 4 days ago, that CP shut down pipeline because they couldn't bill customers. Per CNN: "The company halted operations because its billing system was compromised...and they were concerned they wouldn't be able to figure out how much to bill"

If you're wondering why DEA and US Marshals Service have been given authority to conduct covert surveillance of protestors, it's likely because they have planes outfitted with Dirtboxes - powerful stingray devices that collect data on phones from the air

Former security technician for home security company ADT admitted he secretly accessed customers' home security cameras more than 9,600 times over 4+ yrs, particularly in homes of attractive women to spy on them while they undressed, slept, or had sex

NOTE: This is a risk-limiting audit. It’s NOT a recount being done to appease Trump. It was always planned that Georgia would do a risk-limiting audit of one statewide race this election. It makes sense that the chosen race is the presidential one.

Oh wow. That passenger who boarded the JetBlue plane to Miami after receiving a text telling him he tested positive for the coronavirus has been banned *for life* by the airline from flying on its planes.

The hackers did this back in March and their activity was only recently discovered - this means they have been inside gov systems all these months stealing data and spying on gov workers without anyone knowing until now. They also infected telecoms and other company networks.

Cellphone location data shows anti-lockdown protesters travel hundreds of miles and cross state borders to attend protests, potentially carrying the infection back to their home location.