Blogroll | Communications of the ACM

From Schneier on Security

On Pig Butchering Scams

“Pig butchering” is the colorful name given to online cons that trick the victim into giving money to the scammer, thinking it is an investment opportunity. It’s... Bruce Schneier
From Schneier on Security | February 13, 2023 at 02:54 PM

From Schneier on Security

Friday Squid Blogging: Squid Is a Blockchain Thingy

I had no idea—until I read this incredibly jargon-filled article: Squid is a cross-chain liquidity and messaging router that swaps across multiple chains and their... Bruce Schneier
From Schneier on Security | February 10, 2023 at 05:11 PM

From Schneier on Security

Hacking the Tax Code

The tax code isn’t software. It doesn’t run on a computer. But it’s still code. It’s a series of algorithms that takes an input—financial information for the year... Bruce Schneier
From Schneier on Security | February 10, 2023 at 06:24 AM

From Schneier on Security

Mary Queen of Scots Letters Decrypted

This is a neat piece of historical research. The team of computer scientist George Lasry, pianist Norbert Biermann and astrophysicist Satoshi Tomokiyo—all keen... Bruce Schneier
From Schneier on Security | February 9, 2023 at 07:15 AM

From Schneier on Security

SolarWinds and Market Incentives

In early 2021, IEEE Security and Privacy asked a number of board members for brief perspectives on the SolarWinds incident while it was still breaking news. This... Bruce Schneier
From Schneier on Security | February 8, 2023 at 06:46 AM

From Schneier on Security

Malware Delivered through Google Search

Criminals using Google search ads to deliver malware isn’t new, but Ars Technica declared that the problem has become much worse recently. The surge is coming from... Bruce Schneier
From Schneier on Security | February 7, 2023 at 07:23 AM

From Schneier on Security

Attacking Machine Learning Systems

The field of machine learning (ML) security—and corresponding adversarial ML—is rapidly advancing as researchers develop sophisticated techniques to perturb, disrupt... Bruce Schneier
From Schneier on Security | February 6, 2023 at 06:02 AM

From Schneier on Security

Friday Squid Blogging: Studying the Colossal Squid

A survey of giant squid science. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my bloghere... Bruce Schneier
From Schneier on Security | February 3, 2023 at 05:02 PM

From Schneier on Security

Manipulating Weights in Face-Recognition AI Systems

Interesting research: “Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons“: Abstract: In this paper we describe... Bruce Schneier
From Schneier on Security | February 3, 2023 at 07:07 AM

From Schneier on Security

AIs as Computer Hackers

Hacker “Capture the Flag” has been a mainstay at hacker gatherings since the mid-1990s. It’s like the outdoor game, but played on computer networks. Teams of hackers... Bruce Schneier
From Schneier on Security | February 2, 2023 at 06:59 AM

From Schneier on Security

Passwords Are Terrible (Surprising No One)

This is the result of a security audit: More than a fifth of the passwords protecting network accounts at the US Department of the Interior—including Password1234... Bruce Schneier
From Schneier on Security | February 1, 2023 at 07:08 AM

From Schneier on Security

Ransomware Payments Are Down

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from... Bruce Schneier
From Schneier on Security | January 31, 2023 at 07:03 AM

From Schneier on Security

NIST Is Updating Its Cybersecurity Framework

NIST is planning a significant update of its Cybersecurity Framework. At this point, it’s asking for feedback and comments to its concept paper. Do the proposed... Bruce Schneier
From Schneier on Security | January 30, 2023 at 07:13 AM

From Schneier on Security

Friday Squid Blogging: Squid-Inspired Hydrogel

Scientists have created a hydrogel “using squid mantle and creative chemistry.” As usual, you can also use this squid post to talk about the security stories in... Bruce Schneier
From Schneier on Security | January 27, 2023 at 05:59 PM

From Schneier on Security

Kevin Mitnick Hacked California Law in 1983

Early in his career, Kevin Mitnick successfully hacked California law. He told me the story when he heard about my new book, which he partially recounts his 2012... Bruce Schneier
From Schneier on Security | January 27, 2023 at 03:19 PM

From Schneier on Security

A Guide to Phishing Attacks

This is a good list of modern phishing techniques. Bruce Schneier
From Schneier on Security | January 27, 2023 at 07:02 AM

From Schneier on Security

US Cyber Command Operations During the 2022 Midterm Elections

The head of both US Cyber Command and the NSA, Gen. Paul Nakasone, broadly discussed that first organization’s offensive cyber operations during the runup to the... Bruce Schneier
From Schneier on Security | January 25, 2023 at 07:00 AM

From Schneier on Security

Bulk Surveillance of Money Transfers

Just another obscure warrantless surveillance program. US law enforcement can access details of money transfers without a warrant through an obscure surveillance... Bruce Schneier
From Schneier on Security | January 24, 2023 at 07:14 AM

From Schneier on Security

No-Fly List Exposed

I can’t remember the last time I thought about the US no-fly list: the list of people so dangerous they should never be allowed to fly on an airplane, yet so innocent... Bruce Schneier
From Schneier on Security | January 23, 2023 at 07:02 AM

From Schneier on Security

Friday Squid Blogging: Another Giant Squid Captured on Video

Here’s a new video of a giant squid, filmed in the Sea of Japan. I believe it’s injured. It’s so close to the surface, and not really moving very much. “We didn... Bruce Schneier
From Schneier on Security | January 20, 2023 at 05:00 PM