Dan Goodin, Ars Technica

Dan Goodin

Ars Technica

San Francisco, CA, United States

Contact Dan

Discover and connect with journalists and influencers around the world, save time on email research, monitor the news, and more.

Start free trial

  • Ars Technica
  • Ars Technica UK

Recent articles by Dan:

World’s most destructive botnet returns with stolen passwords and email in tow

Noticing an uptick in spam from people you know? You can probably blame Emotet. → Read More

Advanced hackers are infecting IT providers in hopes of hitting their customers

Previously undocumented Tortoiseshell is skilled, but by no means perfect. → Read More

Protocol found in webcams and DVRs are fueling a new round of big DDoSes

WSD is supposed to be confined to local networks. It's not, and researchers are concerned. → Read More

Password-exposing bug purged from LastPass extensions

Google Project Zero finds and reports flaw in widely used password manager. → Read More

Meet the three North Korean hacking groups funding the country’s weapons programs

Hackers are behind attacks that wreak destruction steel hundreds of millions of dollars. → Read More

Hackers are exploiting a platform-agnostic flaw to track mobile phone locations

Attacks work by sending commands directly to applications stored on SIM cards. → Read More

18 months after indictment, Iranian phishers are still targeting universities

A group charged with stealing 32 terabytes of academic data is still going strong. → Read More

Weakness in Intel chips lets researchers steal encrypted SSH keystrokes

DDIO makes servers faster. It can also allow rogue servers to covertly steal data. → Read More

Apple takes flak for disputing iOS security bombshell dropped by Google

Apple statement alienates the security community when the company needs it most. → Read More

Exploit for wormable Bluekeep Windows bug released into the wild

The Metasploit module isn't as polished as the EternalBlue exploit. Still, it's powerful. → Read More

Zeroday privilege escalation disclosed for Android

Google has so far remained mum on the flaw, which affects fully patched devices. → Read More

600,000 GPS trackers for people and pets are using 123456 as a password

A lack of encryption and easily enumerated IDs open users to a host of creepy attacks. → Read More

IoT botnet creator cops plea to hacking more than 800,000 devices

Creator of Sartori and other botnets admits he created DDoS-for-hire service. → Read More

A glut of iOS 0-days pushes their price below cost of those for Android

Top price for unpublished Android exploits reaches $2.5 million, a 25% premium over iOS. → Read More

Armed with iOS 0days, hackers indiscriminately infected iPhones for two years

Attackers installed malware that stole passwords, log-in credentials, and much more. → Read More

Google Play apps with 1.5 million downloads drained batteries and slowed devices

Stealthy new click-fraud technique displayed ads that were invisible to users. → Read More

US hack attack hobbles Iran’s ability to target oil tankers, NYT says

Despite the results, some Trump officials question if costs outweigh benefits. → Read More

Google Play app with 100 million downloads executed secret payloads

The sad, impractical truth about Android app security in 2019. → Read More

iOS vulnerability that let you jailbreak your iPhone is once again dead

Previously fixed bug, which somehow came back in iOS 12.4, is patched for a second time. → Read More

Hackers are actively trying to steal passwords from two widely used VPNs

Got Fortigate or Pulse Secure? Now would be a good time to make sure they're patched. → Read More