acm-header
Sign In

Communications of the ACM

Blogroll


Refine your search:
dateMore Than a Year Ago
authorBruce Schneier
bg-corner

De-anonymization Story
From Schneier on Security

De-anonymization Story

This is important: Monsignor Jeffrey Burrill was general secretary of the US Conference of Catholic Bishops (USCCB), effectively the highest-ranking priest inreportedly...

Hiding Malware in ML Models
From Schneier on Security

Hiding Malware in ML Models

Interesting research: “EvilModel: Hiding Malware Inside of Neural Network Models”. Abstract: Delivering malware covertly and detection-evadingly is critical to...

Disrupting Ransomware by Disrupting Bitcoin
From Schneier on Security

Disrupting Ransomware by Disrupting Bitcoin

Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. Now, it’s become the criminal business model of the internet for two reasons....

Commercial Location Data Used to Out Priest
From Schneier on Security

Commercial Location Data Used to Out Priest

A Catholic priest was outed through commercially available surveillance data. Vice has a good analysis: The news starkly demonstrates not only the inherent power...

Nasty Printer Driver Vulnerability
From Schneier on Security

Nasty Printer Driver Vulnerability

From SentinelLabs, a critical vulnerability in HP printer drivers: Researchers have released technical details on a high-severity privilege-escalation flaw in...

NSO Group Hacked
From Schneier on Security

NSO Group Hacked

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists...

Candiru: Another Cyberweapons Arms Manufacturer
From Schneier on Security

Candiru: Another Cyberweapons Arms Manufacturer

Citizen Lab has identified yet another Israeli company that sells spyware to governments around the world: Candiru. From the report: Summary: Candiru is a secretive...

REvil is Off-Line
From Schneier on Security

REvil is Off-Line

This is an interesting development: Just days after President Biden demanded that President Vladimir V. Putin of Russia shut down ransomware groups attacking American...

Colorado Passes Consumer Privacy Law
From Schneier on Security

Colorado Passes Consumer Privacy Law

First California. Then Virginia. Now Colorado. Here’s a good comparison of the three states’ laws.

China Taking Control of Zero-Day Exploits
From Schneier on Security

China Taking Control of Zero-Day Exploits

China is making sure that all newly discovered zero-day exploits are disclosed to the government. Under the new rules, anyone in China who finds a vulnerability...

Iranian State-Sponsored Hacking Attempts
From Schneier on Security

Iranian State-Sponsored Hacking Attempts

Interesting attack: Masquerading as UK scholars with the University of London’s School of Oriental and African Studies (SOAS), the threat actor TA453 has been covertly...

Friday Squid Blogging: The Evolution of Squid
From Schneier on Security

Friday Squid Blogging: The Evolution of Squid

Good video about the evolutionary history of squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered...

Analysis of the FBI’s Anom Phone
From Schneier on Security

Analysis of the FBI’s Anom Phone

Motherboard got its hands on one of those Anom phones that were really FBI honeypots. The details are interesting.

Details of the REvil Ransomware Attack
From Schneier on Security

Details of the REvil Ransomware Attack

ArsTechnica has a good story on the REvil ransomware attack of last weekend, with technical details: This weekend’s attack was carried out with almost surgical...

Vulnerability in the Kaspersky Password Manager
From Schneier on Security

Vulnerability in the Kaspersky Password Manager

A vulnerability (just patched) in the random number generator used in the Kaspersky Password Manager resulted in easily guessable passwords: The password generator...

Stealing Xbox Codes
From Schneier on Security

Stealing Xbox Codes

Detailed story of Volodymyr Kvashuk, a Microsoft insider who noticed a bug in the company’s internal systems that allowed him to create unlimited Xbox gift cards...

More Russian Hacking
From Schneier on Security

More Russian Hacking

Two reports this week. The first is from Microsoft, which wrote: As part of our investigation into this ongoing activity, we also detected information-stealingwrote...

Insurance and Ransomware
From Schneier on Security

Insurance and Ransomware

As ransomware becomes more common, I’m seeing more discussions about the ethics of paying the ransom. Here’s one more contribution to that issue: a research paper...

Risks of Evidentiary Software
From Schneier on Security

Risks of Evidentiary Software

Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example)...

Friday Squid Blogging: Giant Squid Model
From Schneier on Security

Friday Squid Blogging: Giant Squid Model

Pretty wooden model. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account