From Schneier on Security
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration
…
B. Schneier| February 29, 2024
Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019.
Based on the...Bruce Schneier From Schneier on Security | February 3, 2021 at 03:25 PM
Hackers are exploiting zero-day in SonicWall:
In an email, an NCC Group spokeswoman wrote: “Our team has observed signs of an attempted exploitation of a vulnerabilitythat...Bruce Schneier From Schneier on Security | February 3, 2021 at 03:24 PM
MalwareBytes is reporting a weird software credit card skimmer. It harvests credit card data stolen by another, different skimmer:
Even though spotting multiple...Bruce Schneier From Schneier on Security | February 3, 2021 at 03:24 PM
It seems to be the season of sophisticated supply-chain attacks.
This one is in the NoxPlayer Android emulator:
ESET says that based on evidence its researchers...Bruce Schneier From Schneier on Security | February 3, 2021 at 03:23 PM
President Biden wants his Peloton in the White House. For those who have missed the hype, it’s an Internet-connected stationary bicycle. It has a screen, a camera...Bruce Schneier From Schneier on Security | February 3, 2021 at 03:23 PM
At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin —penetrate...Bruce Schneier From Schneier on Security | February 3, 2021 at 03:22 PM
Microsoft analyzed details of the SolarWinds attack:
Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported...Bruce Schneier From Schneier on Security | February 2, 2021 at 10:54 PM
Andrew Appel discusses Georgia’s voting machines, how the paper ballots facilitated a recount, and the problem with automatic ballot-marking devices:
Suppose the...Bruce Schneier From Schneier on Security | February 1, 2021 at 11:09 AM
This essay makes the point that actual computer hackers would be a useful addition to NATO wargames:
The international information security community is filled...Bruce Schneier From Schneier on Security | January 29, 2021 at 01:03 PM
Apple has added added security features to mitigate the risk of zero-click iMessage attacks.
Apple did not document the changes but Groß said he fiddled around...Bruce Schneier From Schneier on Security | January 29, 2021 at 10:21 AM
A coordinated effort has captured the command-and-control servers of the Emotet botnet:
Emotet establishes a backdoor onto Windows computer systems via automated...Bruce Schneier From Schneier on Security | January 27, 2021 at 05:04 PM
Insider data theft:
Dutch police have arrested two individuals on Friday for allegedly selling data from the Dutch health ministry’s COVID-19 systems on the criminal...Bruce Schneier From Schneier on Security | January 27, 2021 at 09:59 AM
I think this is the largest data breach of all time: 220 million people. (Lots more stories are in Portuguese.)Bruce Schneier From Schneier on Security | January 25, 2021 at 02:58 PM
No one who reads this blog regularly will be surprised:
A former employee of prominent home security company ADT has admitted that he hacked into the surveillance...Bruce Schneier From Schneier on Security | January 25, 2021 at 10:33 AM
FireEye is reporting the current known tactics that the SVR used to compromise Microsoft 365 cloud data as part of its SolarWinds operation:
Mandiant has observed...Bruce Schneier From Schneier on Security | January 20, 2021 at 11:57 PM
Google’s Project Zero has exposed a sophisticated watering-hole attack targeting both Windows and Android:
Some of the exploits were zero-days, meaning they targeted...Bruce Schneier From Schneier on Security | January 19, 2021 at 04:05 PM
Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process:
Key Points
SUNSPOT is StellarParticle...Bruce Schneier From Schneier on Security | January 18, 2021 at 05:19 PM
For a limited time, I am selling signed copies of Click Here to Kill Everybody in hardcover for just $6, plus shipping.
Note that I have had occasional problems...Bruce Schneier From Schneier on Security | January 15, 2021 at 12:27 PM
We all know that our cell phones constantly give our location away to our mobile network operators; that’s how they work. A group of researchers has figured out...Bruce Schneier From Schneier on Security | January 14, 2021 at 11:44 PM
This is a current list of where and when I am scheduled to speak:
I’m speaking (online) as part of Western Washington University’s Internet Studies Lecture Series...Schneier.com Webmaster From Schneier on Security | January 14, 2021 at 04:05 AM