acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Malicious Barcode Scanner App
From Schneier on Security

Malicious Barcode Scanner App

Interesting story about a barcode scanner app that has been pushing malware on to Android phones. The app is called Barcode Scanner. It’s been around since 2017...

Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed
From Schneier on Security

Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed

Vice is reporting on a new police hack: playing copyrighted music when being filmed by citizens, trying to provoke social media sites into taking the videos down...

On Vulnerability-Adjacent Vulnerabilities
From Schneier on Security

On Vulnerability-Adjacent Vulnerabilities

At the virtual Engima Conference, Google’s Project Zero’s Maggie Stone gave a talk about zero-day exploits in the wild. In it, she talked about how often vendors...

Medieval Security Techniques
From Schneier on Security

Medieval Security Techniques

Sonja Drummer describes (with photographs) two medieval security techniques. The first is a for authentication: a document has been cut in half with an irregular...

Attack against Florida Water Treatment Facility
From Schneier on Security

Attack against Florida Water Treatment Facility

A water treatment plant in Oldsmar, Florida, was attacked last Friday. The attacker took control of one of the systems, and increased the amount of sodium hydroxide...

Friday Squid Blogging: Far Side Cartoon
From Schneier on Security

Friday Squid Blogging: Far Side Cartoon

The Far Side on squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...

Friday Squid Blogging: Live Giant Squid Found in Japan
From Schneier on Security

Friday Squid Blogging: Live Giant Squid Found in Japan

A giant squid was found alive in the port of Izumo, Japan. Not a lot of news, just this Twitter thread (with a couple of videos). If confirmed, I believe this will...

Friday Squid Blogging: Amazing Video of a Black-Eyed Squid Trying to Eat an Owlfish
From Schneier on Security

Friday Squid Blogging: Amazing Video of a Black-Eyed Squid Trying to Eat an Owlfish

From the Monterey Bay Aquarium. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting...

Friday Squid Blogging: Flying Squid
From Schneier on Security

Friday Squid Blogging: Flying Squid

How squid fly. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...

Ransomware Profitability
From Schneier on Security

Ransomware Profitability

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019. Based on the...

SonicWall Zero-Day
From Schneier on Security

SonicWall Zero-Day

Hackers are exploiting zero-day in SonicWall: In an email, an NCC Group spokeswoman wrote: “Our team has observed signs of an attempted exploitation of a vulnerabilitythat...

Web Credit Card Skimmer Steals Data from Another Credit Card Skimmer
From Schneier on Security

Web Credit Card Skimmer Steals Data from Another Credit Card Skimmer

MalwareBytes is reporting a weird software credit card skimmer. It harvests credit card data stolen by another, different skimmer: Even though spotting multiple...

NoxPlayer Android Emulator Supply-Chain Attack
From Schneier on Security

NoxPlayer Android Emulator Supply-Chain Attack

It seems to be the season of sophisticated supply-chain attacks. This one is in the NoxPlayer Android emulator: ESET says that based on evidence its researchers...

Presidential Cybersecurity and Pelotons
From Schneier on Security

Presidential Cybersecurity and Pelotons

President Biden wants his Peloton in the White House. For those who have missed the hype, it’s an Internet-connected stationary bicycle. It has a screen, a camera...

Another SolarWinds Orion Hack
From Schneier on Security

Another SolarWinds Orion Hack

At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin —penetrate...

More SolarWinds News
From Schneier on Security

More SolarWinds News

Microsoft analyzed details of the SolarWinds attack: Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported...

Georgia’s Ballot-Marking Devices
From Schneier on Security

Georgia’s Ballot-Marking Devices

Andrew Appel discusses Georgia’s voting machines, how the paper ballots facilitated a recount, and the problem with automatic ballot-marking devices: Suppose the...

Including Hackers in NATO Wargames
From Schneier on Security

Including Hackers in NATO Wargames

This essay makes the point that actual computer hackers would be a useful addition to NATO wargames: The international information security community is filled...

New iMessage Security Features
From Schneier on Security

New iMessage Security Features

Apple has added added security features to mitigate the risk of zero-click iMessage attacks. Apple did not document the changes but Groß said he fiddled around...

Police Have Disrupted the Emotet Botnet
From Schneier on Security

Police Have Disrupted the Emotet Botnet

A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account