acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Covert Channel via Two VMs
From Schneier on Security

Covert Channel via Two VMs

Researchers build a covert channel between two virtual machines using a shared cache....

Surveillance and our Insecure Infrastructure
From Schneier on Security

Surveillance and our Insecure Infrastructure

Since Edward Snowden revealed to the world the extent of the NSA's global surveillance network, there has been a vigorous debate in the technological community...

Friday Squid Blogging: Chilean Squid Producer Diversifies
From Schneier on Security

Friday Squid Blogging: Chilean Squid Producer Diversifies

In another symptom of climate change, Chile's largest squid producer "plans to diversify its offering in the future, selling sea urchin, cod and octopus, to compensate...

New C++ Secure Coding Standard
From Schneier on Security

New C++ Secure Coding Standard

Carnegie Mellon University has released a comprehensive list of C++ secure-coding best practices....

2017 Security Protocols Workshop
From Schneier on Security

2017 Security Protocols Workshop

Ross Anderson liveblogged the presentations....

Attack vs. Defense in Nation-State Cyber Operations
From Schneier on Security

Attack vs. Defense in Nation-State Cyber Operations

I regularly say that, on the Internet, attack is easier than defense. There are a bunch of reasons for this, but primarily it's 1) the complexity of modern networked...

Research on Tech-Support Scams
From Schneier on Security

Research on Tech-Support Scams

Interesting paper: "Dial One for Scam: A Large-Scale Analysis of Technical Support Scams": Abstract: In technical support scams, cybercriminals attempt to convince...

New Destructive Malware Bricks IoT Devices
From Schneier on Security

New Destructive Malware Bricks IoT Devices

There's a new malware called BrickerBot that permanently disables vulnerable IoT devices by corrupting their storage capability and reconfiguring kernel parameters...

Fourth WikiLeaks CIA Attack Tool Dump
From Schneier on Security

Fourth WikiLeaks CIA Attack Tool Dump

WikiLeaks is obviously playing their Top Secret CIA data cache for as much press as they can, leaking the documents a little at a time. On Friday they published...

Shadow Brokers Releases the Rest of their NSA Hacking Tools
From Schneier on Security

Shadow Brokers Releases the Rest of their NSA Hacking Tools

Last August, an unknown group called the Shadow Brokers released a bunch of NSA tools to the public. The common guesses were that the tools were discovered on an...

Friday Squid Blogging: Squid Can Edit Their Own RNA
From Schneier on Security

Friday Squid Blogging: Squid Can Edit Their Own RNA

This is just plain weird: Rosenthal, a neurobiologist at the Marine Biological Laboratory, was a grad student studying a specific protein in squid when he got an...

Incident Response as "Hand-to-Hand Combat"
From Schneier on Security

Incident Response as "Hand-to-Hand Combat"

NSA Deputy Director Richard Ledgett described a 2014 Russian cyber attack against the U.S. State Department as "hand-to-hand" combat: "It was hand-to-hand combat...

Hacking a Brazilian Bank
From Schneier on Security

Hacking a Brazilian Bank

A detailed account....

Many Android Phones Vulnerable to Attacks Over Malicious Wi-Fi Networks
From Schneier on Security

Many Android Phones Vulnerable to Attacks Over Malicious Wi-Fi Networks

There's ablog post from Google's Project Zero detailing an attack against Android phones over Wi-Fi. From Ars Technica: The vulnerability resides in a widely used...

APT10 and Cloud Hopper
From Schneier on Security

APT10 and Cloud Hopper

There's a new report of a nation-state attack, presumed to be from China, on a series of managed ISPs. From the executive summary: Since late 2016, PwC UK and BAE...

Clever Physical ATM Attack
From Schneier on Security

Clever Physical ATM Attack

This is an interesting combination of computer and physical attack: Researchers from the Russian security firm Kaspersky on Monday detailed a new ATM-emptying attack...

Encryption Policy and Freedom of the Press
From Schneier on Security

Encryption Policy and Freedom of the Press

Interesting law journal article: "Encryption and the Press Clause," by D. Victoria Barantetsky. Abstract: Almost twenty years ago, a hostile debate over whether...

Acoustic Attack Against Accelerometers
From Schneier on Security

Acoustic Attack Against Accelerometers

Interesting acoustic attack against the MEMS accelerometers in devices like FitBits. Millions of accelerometers reside inside smartphones, automobiles, medical...

Soon You'll Be Able to Hijack Weaponized Police Drones in Connecticut
From Schneier on Security

Soon You'll Be Able to Hijack Weaponized Police Drones in Connecticut

Not content with having a fleet of insecure surveillance drones, the state of Connecticut wants a fleet of insecure weaponized drones. What could possibly go wrong...

Friday Squid Blogging: 1887 Animal-Combat Print with Giant Squid
From Schneier on Security

Friday Squid Blogging: 1887 Animal-Combat Print with Giant Squid

Great Victorian animal-combat scene featuring a giant squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account