Blogroll | Communications of the ACM

From Schneier on Security

Hacks at Pwn2Own Vancouver 2023

An impressive array of hacks were demonstrated at the first day of the Pwn2Own conference in Vancouver: On the first day of Pwn2Own Vancouver 2023, security researchers... Bruce Schneier
From Schneier on Security | March 27, 2023 at 07:03 AM

From Schneier on Security

Friday Squid Blogging: Creating Batteries Out of Squid Cells

This is fascinating: “When a squid ends up chipping what’s called its ring tooth, which is the nail underneath its tentacle, it needs to regrow that tooth very... Bruce Schneier
From Schneier on Security | March 24, 2023 at 05:06 PM

From Schneier on Security

Exploding USB Sticks

In case you don’t have enough to worry about, people are hiding explosives—actual ones—in USB sticks: In the port city of Guayaquil, journalist Lenin Artieda of... Bruce Schneier
From Schneier on Security | March 24, 2023 at 07:04 AM

From Schneier on Security

Mass Ransomware Attack

A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack: TechCrunch has learned of dozens of organizations that used the affected... Bruce Schneier
From Schneier on Security | March 23, 2023 at 07:05 AM

From Schneier on Security

ChatGPT Privacy Flaw

OpenAI has disabled ChatGPT’s privacy history, almost certainly because they had a security flaw where users were seeing each others’ histories. Bruce Schneier
From Schneier on Security | March 22, 2023 at 07:14 AM

From Schneier on Security

US Citizen Hacked by Spyware

The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware. A U.S. and Greek national who worked on Meta’s security and trust... Bruce Schneier
From Schneier on Security | March 21, 2023 at 08:34 AM

From Schneier on Security

Friday Squid Blogging: New Species of Vampire Squid Lives 3,000 Feet below Sea Level

At least, it seems to be a new species. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my... Bruce Schneier
From Schneier on Security | March 17, 2023 at 05:19 PM

From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking on “How to Reclaim Power in the Digital World” at EPFL in Lausanne, Switzerland,... Schneier.com Webmaster
From Schneier on Security | March 14, 2023 at 03:08 PM

From Schneier on Security

How AI Could Write Our Laws

By Nathan E. Sanders & Bruce Schneier Nearly 90% of the multibillion-dollar federal lobbying apparatus in the United States serves corporate interests. In somepours... Schneier.com Webmaster
From Schneier on Security | March 14, 2023 at 12:01 PM

From Schneier on Security

NetWire Remote Access Trojan Maker Arrested

From Brian Krebs: A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as... Bruce Schneier
From Schneier on Security | March 14, 2023 at 07:23 AM

From Schneier on Security

Friday Squid Blogging: Chinese Squid Fishing in the Southeast Pacific

Chinese squid fishing boats are overwhelming Ecuador and Peru. As usual, you can also use this squid post to talk about the security stories in the news that Ihere... Bruce Schneier
From Schneier on Security | March 10, 2023 at 05:05 PM

From Schneier on Security

Elephant Hackers

An elephant uses its right-of-way privileges to stop sugar-cane trucks and grab food. Bruce Schneier
From Schneier on Security | March 10, 2023 at 03:05 PM

From Schneier on Security

Another Malware with Persistence

Here’s a piece of Chinese malware that infects SonicWall security appliances and survives firmware updates. On Thursday, security firm Mandiant published a report... Bruce Schneier
From Schneier on Security | March 9, 2023 at 08:33 PM

From Schneier on Security

BlackLotus Malware Hijacks Windows Secure Boot Process

Researchers have discovered malware that “can hijack a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully... Bruce Schneier
From Schneier on Security | March 8, 2023 at 06:11 AM

From Schneier on Security

Prompt Injection Attacks on Large Language Models

This is a good survey on prompt injection attacks on large language models (like ChatGPT). Abstract: We are currently witnessing dramatic advances in the capabilities... Bruce Schneier
From Schneier on Security | March 7, 2023 at 07:13 AM

From Schneier on Security

New National Cybersecurity Strategy

Last week the Biden Administration released a new National Cybersecurity Strategy (summary >here. There is lots of good commentary out there. It’s basically a smart... Bruce Schneier
From Schneier on Security | March 6, 2023 at 07:06 AM

From Schneier on Security

Nick Weaver on Regulating Cryptocurrency

Nicholas Weaver wrote an excellent paper on the problems of cryptocurrencies and the need to regulate the space—with all existing regulations. His conclusion: Regulators... Bruce Schneier
From Schneier on Security | March 3, 2023 at 10:58 AM

From Schneier on Security

Dumb Password Rules

Troy Hunt is collecting examples of dumb password rules. There are some pretty bad disasters out there. My worst experiences are with sites that have artificial... Bruce Schneier
From Schneier on Security | March 2, 2023 at 07:05 AM

From Schneier on Security

Fooling a Voice Authentication System with an AI-Generated Voice

A reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd’s Bank. Bruce Schneier
From Schneier on Security | March 1, 2023 at 07:06 AM

From Schneier on Security

Side-Channel Attack against CRYSTALS-Kyber

CRYSTALS-Kyber is one of the public-key algorithms currently recommended by NIST as part of its post-quantum cryptography standardization process. Researchers have... Bruce Schneier
From Schneier on Security | February 28, 2023 at 07:19 AM