From Schneier on Security
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration
…
B. Schneier| February 29, 2024
Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It’s critical, but difficult to exploit.
In an email sent...Bruce Schneier From Schneier on Security | October 3, 2024 at 07:04 AM
Governor Newsom has vetoed the state’s AI safety bill.
I have mixed feelings about the bill. There’s a lot to like about it, and I want governments to regulateEU...Bruce Schneier From Schneier on Security | October 2, 2024 at 07:01 AM
This vulnerability hacks a feature that allows ChatGPT to have long-term memory, where it uses information from past conversations to inform future conversations...Bruce Schneier From Schneier on Security | October 1, 2024 at 07:07 AM
For years now, AI has undermined the public’s ability to trust what it sees, hears, and reads. The Republican National Committee released a provocative ad offering...Bruce Schneier From Schneier on Security | September 30, 2024 at 07:00 AM
Fishermen are catching more squid as other fish are depleted.
Blog moderation policy.Bruce Schneier From Schneier on Security | September 27, 2024 at 05:06 PM
NIST’s second draft of its “SP 800-63-4“—its digital identify guidelines—finally contains some really good rules about passwords:
The following requirements apply...Bruce Schneier From Schneier on Security | September 27, 2024 at 07:01 AM
Clever:
A malware campaign uses the unusual method of locking users in their browser’s kiosk mode to annoy them into entering their Google credentials, which are...Bruce Schneier From Schneier on Security | September 25, 2024 at 07:00 AM
I always like a good hack. And this story delivers. Basically, the New York City bikeshare program has a system to reward people who move bicycles from full stations...Bruce Schneier From Schneier on Security | September 23, 2024 at 11:46 AM
This is really interesting.
It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually runs a script that is copied to the...Bruce Schneier From Schneier on Security | September 20, 2024 at 11:32 AM
The FBI has shut down a botnet run by Chinese hackers:
The botnet malware infected a number of different types of internet-connected devices around the world,...Bruce Schneier From Schneier on Security | September 19, 2024 at 11:40 AM
Wow.
It seems they all exploded simultaneously, which means they were triggered.
Were they each tampered with physically, or did someone figure out how to trigger...Bruce Schneier From Schneier on Security | September 17, 2024 at 11:54 AM
Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. From a news article...Bruce Schneier From Schneier on Security | September 17, 2024 at 07:02 AM
CISA wants everyone—and government agencies in particular—to remove or upgrade an Ivanti Cloud Service Appliance (CSA) that is no longer being supported.
Welcome...Bruce Schneier From Schneier on Security | September 16, 2024 at 10:49 AM
This is a current list of where and when I am scheduled to speak:
I’m speaking at eCrime 2024 in Boston, Massachusetts, USA. The event runs from September 24 through...Bruce Schneier From Schneier on Security | September 14, 2024 at 12:01 PM
This is an odd story of serving squid during legislative negotiations in the Philippines.Bruce Schneier From Schneier on Security | September 13, 2024 at 05:00 PM
Over the summer, I gave a talk about AI and democracy at TedXBillings. The recording is <a href="https://www.youtube.com/watch?v=uqC4nb7fLpY”>live.
Please share...Bruce Schneier From Schneier on Security | September 13, 2024 at 02:02 PM
Microsoft is updating SymCrypt, its core cryptographic library, with new quantum-secure algorithms. Microsoft’s details are here. From a news article:
The first...Bruce Schneier From Schneier on Security | September 12, 2024 at 11:42 AM
New research evaluating the effectiveness of reward modeling during Reinforcement Learning from Human Feedback (RLHF): “SEAL: Systematic Error Analysis for Value...Bruce Schneier From Schneier on Security | September 11, 2024 at 07:03 AM