Communications of the ACM
Refine your search:
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration …
From Schneier on Security
Friday Squid Blogging: Amazing Video of a Black-Eyed Squid Trying to Eat an Owlfish
From the Monterey Bay Aquarium. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting...
From Schneier on Security
Friday Squid Blogging: Flying Squid
How squid fly. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...
From Schneier on Security
Ransomware Profitability
Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019. Based on the...
From Schneier on Security
SonicWall Zero-Day
Hackers are exploiting zero-day in SonicWall: In an email, an NCC Group spokeswoman wrote: “Our team has observed signs of an attempted exploitation of a vulnerabilitythat...
From Schneier on Security
Web Credit Card Skimmer Steals Data from Another Credit Card Skimmer
MalwareBytes is reporting a weird software credit card skimmer. It harvests credit card data stolen by another, different skimmer: Even though spotting multiple...
From Schneier on Security
NoxPlayer Android Emulator Supply-Chain Attack
It seems to be the season of sophisticated supply-chain attacks. This one is in the NoxPlayer Android emulator: ESET says that based on evidence its researchers...
From Schneier on Security
Presidential Cybersecurity and Pelotons
President Biden wants his Peloton in the White House. For those who have missed the hype, it’s an Internet-connected stationary bicycle. It has a screen, a camera...
From Schneier on Security
Another SolarWinds Orion Hack
At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin —penetrate...
From Schneier on Security
More SolarWinds News
Microsoft analyzed details of the SolarWinds attack: Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported...
From Schneier on Security
Georgia’s Ballot-Marking Devices
Andrew Appel discusses Georgia’s voting machines, how the paper ballots facilitated a recount, and the problem with automatic ballot-marking devices: Suppose the...
From Schneier on Security
Including Hackers in NATO Wargames
This essay makes the point that actual computer hackers would be a useful addition to NATO wargames: The international information security community is filled...
From Schneier on Security
New iMessage Security Features
Apple has added added security features to mitigate the risk of zero-click iMessage attacks. Apple did not document the changes but Groß said he fiddled around...
From Schneier on Security
Police Have Disrupted the Emotet Botnet
A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated...
From Schneier on Security
Dutch Insider Attack on COVID-19 Data
Insider data theft: Dutch police have arrested two individuals on Friday for allegedly selling data from the Dutch health ministry’s COVID-19 systems on the criminal...
From Schneier on Security
Massive Brazilian Data Breach
I think this is the largest data breach of all time: 220 million people. (Lots more stories are in Portuguese.)
From Schneier on Security
Insider Attack on Home Surveillance Systems
No one who reads this blog regularly will be surprised: A former employee of prominent home security company ADT has admitted that he hacked into the surveillance...
From Schneier on Security
SVR Attacks on Microsoft 365
FireEye is reporting the current known tactics that the SVR used to compromise Microsoft 365 cloud data as part of its SolarWinds operation: Mandiant has observed...
From Schneier on Security
Sophisticated Watering Hole Attack
Google’s Project Zero has exposed a sophisticated watering-hole attack targeting both Windows and Android: Some of the exploits were zero-days, meaning they targeted...
From Schneier on Security
Injecting a Backdoor into SolarWinds Orion
Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process: Key Points SUNSPOT is StellarParticle...
From Schneier on Security