acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Hacker-Themed Board Game
From Schneier on Security

Hacker-Themed Board Game

Black Hat is a hacker-themed board game.

More Military Cryptanalytics, Part III
From Schneier on Security

More Military Cryptanalytics, Part III

Late last year, the NSA declassified and released a redacted version of Lambros D. Callimahos’s Military Cryptanalytics, Part III. We just got most of the index...

Excellent Write-up of the SolarWinds Security Breach
From Schneier on Security

Excellent Write-up of the SolarWinds Security Breach

Robert Chesney wrote up the Solar Winds story as a case study, and it’s a really good summary.

Details of the Recent T-Mobile Breach
From Schneier on Security

Details of the Recent T-Mobile Breach

Seems that 47 million customers were affected. Surprising no one, T-Mobile had awful security. I’ve lost count of how many times T-Mobile has been hacked.

Friday Squid Blogging: Squid Communication
From Schneier on Security

Friday Squid Blogging: Squid Communication

Interesting article on squid communication. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read...

Friday Squid Blogging: Tentacle Doorknob
From Schneier on Security

Friday Squid Blogging: Tentacle Doorknob

It’s pretty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

Interesting Privilege Escalation Vulnerability
From Schneier on Security

Interesting Privilege Escalation Vulnerability

If you plug a Razer peripheral (mouse or keyboard, I think) into a Windows 10 or 11 machine, you can use a vulnerability in the Razer Synapse software — which automatically...

Surveillance of the Internet Backbone
From Schneier on Security

Surveillance of the Internet Backbone

Vice has an article about how data brokers sell access to the Internet backbone. This is netflow data. It’s useful for cybersecurity forensics, but can also be...

Friday Squid Blogging: On Squid Brains
From Schneier on Security

Friday Squid Blogging: On Squid Brains

Interesting National Geographic article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Readhere...

More on Apple’s iPhone Backdoor
From Schneier on Security

More on Apple’s iPhone Backdoor

In this post, I’ll collect links on Apple’s iPhone backdoor for scanning CSAM images. Previous links are here and here. Apple says that hash collisions in its CSAM...

T-Mobile Data Breach
From Schneier on Security

T-Mobile Data Breach

It’s a big one: As first reported by Motherboard on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile’s servers andalso...

Apple’s NeuralHash Algorithm Has Been Reverse-Engineered
From Schneier on Security

Apple’s NeuralHash Algorithm Has Been Reverse-Engineered

Apple’s NeuralHash algorithm — the one it’s using for client-side scanning on the iPhone — has been reverse-engineered. Turns out it was already in iOS 14.3, and...

Tetris: Chinese Espionage Tool
From Schneier on Security

Tetris: Chinese Espionage Tool

I’m starting to see writings about a Chinese espionage tool that exploits website vulnerabilities to try and identify Chinese dissidents.

Friday Squid Blogging: A Good Year for Squid?
From Schneier on Security

Friday Squid Blogging: A Good Year for Squid?

Improved ocean conditions are leading to optimism about this year’s squid catch. As usual, you can also use this squid post to talk about the security stories in...

Using AI to Scale Spear Phishing
From Schneier on Security

Using AI to Scale Spear Phishing

The problem with spear phishing it that it takes time and creativity to create individualized enticing phishing emails. Researchers are using GPT-3 to attempt to...

Upcoming Speaking Engagements
From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking (via Internet) at SHIFT Business Festival in Finland, August 25-26, 2021. I’ll be...

Cobolt Strike Vulnerability Affects Botnet Servers
From Schneier on Security

Cobolt Strike Vulnerability Affects Botnet Servers

Cobolt Strike is a security tool, used by penetration testers to simulate network attackers. But it’s also used by attackers — from criminals to governments — to...

Apple Adds a Backdoor to iMesssage and iCloud Storage
From Schneier on Security

Apple Adds a Backdoor to iMesssage and iCloud Storage

Apple’s announcement that it’s going to start scanning photos for child abuse material is a big deal. I have been following the details, and discussing it in several...

Defeating Microsoft’s Trusted Platform Module
From Schneier on Security

Defeating Microsoft’s Trusted Platform Module

This is a really interesting story explaining how to defeat Microsoft’s TPM in 30 minutes — without having to solder anything to the motherboard. Researchers at...

Squid Dog Toy
From Schneier on Security

Squid Dog Toy

It’s sold out, but the pictures are cute. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account