Communications of the ACM
Refine your search:
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration …
From Schneier on Security
The Security Vulnerabilities of Message Interoperability
Jenny Blessing and Ross Anderson have evaluated the security of systems designed to allow the various Internet messaging platforms to interoperate with each other...
From Schneier on Security
Security Vulnerabilities in Snipping Tools
Both Google’s Pixel’s Markup Tool and the Windows Snipping Tool have vulnerabilities that allow people to partially recover content that was edited out of images...
From Schneier on Security
Hacks at Pwn2Own Vancouver 2023
An impressive array of hacks were demonstrated at the first day of the Pwn2Own conference in Vancouver: On the first day of Pwn2Own Vancouver 2023, security researchers...
From Schneier on Security
Friday Squid Blogging: Creating Batteries Out of Squid Cells
This is fascinating: “When a squid ends up chipping what’s called its ring tooth, which is the nail underneath its tentacle, it needs to regrow that tooth very...
From Schneier on Security
Exploding USB Sticks
In case you don’t have enough to worry about, people are hiding explosives—actual ones—in USB sticks: In the port city of Guayaquil, journalist Lenin Artieda of...
From Schneier on Security
Mass Ransomware Attack
A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack: TechCrunch has learned of dozens of organizations that used the affected...
From Schneier on Security
ChatGPT Privacy Flaw
OpenAI has disabled ChatGPT’s privacy history, almost certainly because they had a security flaw where users were seeing each others’ histories.
From Schneier on Security
US Citizen Hacked by Spyware
The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware. A U.S. and Greek national who worked on Meta’s security and trust...
From Schneier on Security
Friday Squid Blogging: New Species of Vampire Squid Lives 3,000 Feet below Sea Level
At least, it seems to be a new species. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my...
From Schneier on Security
NetWire Remote Access Trojan Maker Arrested
From Brian Krebs: A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as...
From Schneier on Security
Friday Squid Blogging: Chinese Squid Fishing in the Southeast Pacific
Chinese squid fishing boats are overwhelming Ecuador and Peru. As usual, you can also use this squid post to talk about the security stories in the news that Ihere...
From Schneier on Security
Elephant Hackers
An elephant uses its right-of-way privileges to stop sugar-cane trucks and grab food.
From Schneier on Security
Another Malware with Persistence
Here’s a piece of Chinese malware that infects SonicWall security appliances and survives firmware updates. On Thursday, security firm Mandiant published a report...
From Schneier on Security
BlackLotus Malware Hijacks Windows Secure Boot Process
Researchers have discovered malware that “can hijack a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully...
From Schneier on Security
Prompt Injection Attacks on Large Language Models
This is a good survey on prompt injection attacks on large language models (like ChatGPT). Abstract: We are currently witnessing dramatic advances in the capabilities...
From Schneier on Security
New National Cybersecurity Strategy
Last week the Biden Administration released a new National Cybersecurity Strategy (summary >here. There is lots of good commentary out there. It’s basically a smart...
From Schneier on Security
Nick Weaver on Regulating Cryptocurrency
Nicholas Weaver wrote an excellent paper on the problems of cryptocurrencies and the need to regulate the space—with all existing regulations. His conclusion: Regulators...
From Schneier on Security
Dumb Password Rules
Troy Hunt is collecting examples of dumb password rules. There are some pretty bad disasters out there. My worst experiences are with sites that have artificial...
From Schneier on Security
Fooling a Voice Authentication System with an AI-Generated Voice
A reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd’s Bank.
From Schneier on Security