acm-header
Sign In

Communications of the ACM

Blogroll


Refine your search:
dateMore Than a Year Ago
authorBruce Schneier
bg-corner

Twitter Hackers May Have Bribed an Insider
From Schneier on Security

Twitter Hackers May Have Bribed an Insider

Motherboard is reporting that this week's Twitter hack involved a bribed insider. Twitter has denied it. I have been taking press calls all day about this. And...

NSA on Securing VPNs
From Schneier on Security

NSA on Securing VPNs

The NSA's Central Security Service -- that's the part that's supposed to work on defense -- has released two documents (a full and an abridged version) on securing...

Enigma Machine for Sale
From Schneier on Security

Enigma Machine for Sale

A four-rotor Enigma machine -- with rotors -- is up for auction....

A Peek into the Fake Review Marketplace
From Schneier on Security

A Peek into the Fake Review Marketplace

A personal account of someone who was paid to buy products on Amazon and leave fake reviews. Fake reviews are one of the problems that everyone knows about, and...

China Closing Its Squid Spawning Grounds
From Schneier on Security

China Closing Its Squid Spawning Grounds

China is prohibiting squid fishing in two areas -- both in international waters -- for two seasons, to give squid time to recover and reproduce. This is the first...

EFF's 30th Anniversary Livestream
From Schneier on Security

EFF's 30th Anniversary Livestream

It's the EFF's 30th birthday, and the organization is having a celebratory livestream today from 3:00 to 10:00 pm PDT. There are a lot of interesting discussions...

Business Email Compromise (BEC) Criminal Ring
From Schneier on Security

Business Email Compromise (BEC) Criminal Ring

A criminal group called Cosmic Lynx seems to be based in Russia: Dubbed Cosmic Lynx, the group has carried out more than 200 BEC campaigns since July 2019, according...

Traffic Analysis of Home Security Cameras
From Schneier on Security

Traffic Analysis of Home Security Cameras

Interesting research on home security cameras with cloud storage. Basically, attackers can learn very basic information about what's going on in front of the camera...

Half a Million IoT Passwords Leaked
From Schneier on Security

Half a Million IoT Passwords Leaked

It is amazing that this sort of thing can still happen: ...the list was compiled by scanning the entire internet for devices that were exposing their Telnet port...

IoT Security Principles
From Schneier on Security

IoT Security Principles

The BSA -- also known as the Software Alliance, formerly the Business Software Alliance -- is an industry lobbying group. They just published "Policy Principles...

ThiefQuest Ransomware for the Mac
From Schneier on Security

ThiefQuest Ransomware for the Mac

There's a new ransomware for the Mac called ThiefQuest or EvilQuest. It's hard to get infected: For your Mac to become infected, you would need to torrent a compromised...

Friday Squid Blogging: Strawberry Squid
From Schneier on Security

Friday Squid Blogging: Strawberry Squid

Pretty. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.....

Hacked by Police
From Schneier on Security

Hacked by Police

French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat's phones are essentially modified Android devices, with some models...

The Security Value of Inefficiency
From Schneier on Security

The Security Value of Inefficiency

For decades, we have prized efficiency in our economy. We strive for it. We reward it. In normal times, that's a good thing. Running just at the margins is efficient...

Securing the International IoT Supply Chain
From Schneier on Security

Securing the International IoT Supply Chain

Together with Nate Kim (former student) and Trey Herr (Atlantic Council Cyber Statecraft Initiative), I have written a paper on IoT supply chain security. The basic...

Android Apps Stealing Facebook Credentials
From Schneier on Security

Android Apps Stealing Facebook Credentials

Google has removed 25 Android apps from its store because they steal Facebook credentials: Before being taken down, the 25 apps were collectively downloaded more...

iPhone Apps Stealing Clipboard Data
From Schneier on Security

iPhone Apps Stealing Clipboard Data

iOS apps are repeatedly reading clipboard data, which can include all sorts of sensitive information. While Haj Bakry and Mysk published their research in March...

Friday Squid Blogging: Fishing for Jumbo Squid
From Schneier on Security

Friday Squid Blogging: Fishing for Jumbo Squid

Interesting article on the rise of the jumbo squid industry as a result of climate change. As usual, you can also use this squid post to talk about the security...

The Unintended Harms of Cybersecurity
From Schneier on Security

The Unintended Harms of Cybersecurity

Interesting research: "Identifying Unintended Harms of Cybersecurity Countermeasures": Abstract: Well-meaning cybersecurity risk owners will deploy countermeasures...

Analyzing IoT Security Best Practices
From Schneier on Security

Analyzing IoT Security Best Practices

New research: "Best Practices for IoT Security: What Does That Even Mean?" by Christopher Bellman and Paul C. van Oorschot: Abstract: Best practices for Internet...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account