acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Router Security
From Schneier on Security

Router Security

This report is six months old, and I don’t know anything about the organization that produced it, but it has some alarming data about router security. Conclusion...

US Cyber Command Valentine’s Day Cryptography Puzzles
From Schneier on Security

US Cyber Command Valentine’s Day Cryptography Puzzles

The US Cyber Command has released a series of ten Valentine’s Day “Cryptography Challenge Puzzles.” Slashdot thread. Reddit thread. (And here’s the archived link...

Chinese Supply-Chain Attack on Computer Systems
From Schneier on Security

Chinese Supply-Chain Attack on Computer Systems

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008....

Browser Tracking Using Favicons
From Schneier on Security

Browser Tracking Using Favicons

Interesting research on persistent web tracking using favicons. (For those who don’t know, favicons are those tiny icons that appear in browser tabs next to the...

Virginia Data Privacy Law
From Schneier on Security

Virginia Data Privacy Law

Virginia is about to get a data privacy law, modeled on California’s law.

WEIS 2021 Call for Papers
From Schneier on Security

WEIS 2021 Call for Papers

The 20th Annual Workshop on the Economics of Information Security (WEIS 2021) will be held online in June. We just published the call for papers.

Malicious Barcode Scanner App
From Schneier on Security

Malicious Barcode Scanner App

Interesting story about a barcode scanner app that has been pushing malware on to Android phones. The app is called Barcode Scanner. It’s been around since 2017...

Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed
From Schneier on Security

Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed

Vice is reporting on a new police hack: playing copyrighted music when being filmed by citizens, trying to provoke social media sites into taking the videos down...

On Vulnerability-Adjacent Vulnerabilities
From Schneier on Security

On Vulnerability-Adjacent Vulnerabilities

At the virtual Engima Conference, Google’s Project Zero’s Maggie Stone gave a talk about zero-day exploits in the wild. In it, she talked about how often vendors...

Medieval Security Techniques
From Schneier on Security

Medieval Security Techniques

Sonja Drummer describes (with photographs) two medieval security techniques. The first is a for authentication: a document has been cut in half with an irregular...

Attack against Florida Water Treatment Facility
From Schneier on Security

Attack against Florida Water Treatment Facility

A water treatment plant in Oldsmar, Florida, was attacked last Friday. The attacker took control of one of the systems, and increased the amount of sodium hydroxide...

Friday Squid Blogging: Far Side Cartoon
From Schneier on Security

Friday Squid Blogging: Far Side Cartoon

The Far Side on squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...

Friday Squid Blogging: Live Giant Squid Found in Japan
From Schneier on Security

Friday Squid Blogging: Live Giant Squid Found in Japan

A giant squid was found alive in the port of Izumo, Japan. Not a lot of news, just this Twitter thread (with a couple of videos). If confirmed, I believe this will...

Friday Squid Blogging: Amazing Video of a Black-Eyed Squid Trying to Eat an Owlfish
From Schneier on Security

Friday Squid Blogging: Amazing Video of a Black-Eyed Squid Trying to Eat an Owlfish

From the Monterey Bay Aquarium. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting...

Friday Squid Blogging: Flying Squid
From Schneier on Security

Friday Squid Blogging: Flying Squid

How squid fly. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...

Ransomware Profitability
From Schneier on Security

Ransomware Profitability

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019. Based on the...

SonicWall Zero-Day
From Schneier on Security

SonicWall Zero-Day

Hackers are exploiting zero-day in SonicWall: In an email, an NCC Group spokeswoman wrote: “Our team has observed signs of an attempted exploitation of a vulnerabilitythat...

Web Credit Card Skimmer Steals Data from Another Credit Card Skimmer
From Schneier on Security

Web Credit Card Skimmer Steals Data from Another Credit Card Skimmer

MalwareBytes is reporting a weird software credit card skimmer. It harvests credit card data stolen by another, different skimmer: Even though spotting multiple...

NoxPlayer Android Emulator Supply-Chain Attack
From Schneier on Security

NoxPlayer Android Emulator Supply-Chain Attack

It seems to be the season of sophisticated supply-chain attacks. This one is in the NoxPlayer Android emulator: ESET says that based on evidence its researchers...

Presidential Cybersecurity and Pelotons
From Schneier on Security

Presidential Cybersecurity and Pelotons

President Biden wants his Peloton in the White House. For those who have missed the hype, it’s an Internet-connected stationary bicycle. It has a screen, a camera...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account