From Schneier on Security
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration
…
B. Schneier| February 29, 2024
At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin —penetrate...Bruce Schneier From Schneier on Security | February 3, 2021 at 03:22 PM
Microsoft analyzed details of the SolarWinds attack:
Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported...Bruce Schneier From Schneier on Security | February 2, 2021 at 10:54 PM
Andrew Appel discusses Georgia’s voting machines, how the paper ballots facilitated a recount, and the problem with automatic ballot-marking devices:
Suppose the...Bruce Schneier From Schneier on Security | February 1, 2021 at 11:09 AM
This essay makes the point that actual computer hackers would be a useful addition to NATO wargames:
The international information security community is filled...Bruce Schneier From Schneier on Security | January 29, 2021 at 01:03 PM
Apple has added added security features to mitigate the risk of zero-click iMessage attacks.
Apple did not document the changes but Groß said he fiddled around...Bruce Schneier From Schneier on Security | January 29, 2021 at 10:21 AM
A coordinated effort has captured the command-and-control servers of the Emotet botnet:
Emotet establishes a backdoor onto Windows computer systems via automated...Bruce Schneier From Schneier on Security | January 27, 2021 at 05:04 PM
Insider data theft:
Dutch police have arrested two individuals on Friday for allegedly selling data from the Dutch health ministry’s COVID-19 systems on the criminal...Bruce Schneier From Schneier on Security | January 27, 2021 at 09:59 AM
I think this is the largest data breach of all time: 220 million people. (Lots more stories are in Portuguese.)Bruce Schneier From Schneier on Security | January 25, 2021 at 02:58 PM
No one who reads this blog regularly will be surprised:
A former employee of prominent home security company ADT has admitted that he hacked into the surveillance...Bruce Schneier From Schneier on Security | January 25, 2021 at 10:33 AM
FireEye is reporting the current known tactics that the SVR used to compromise Microsoft 365 cloud data as part of its SolarWinds operation:
Mandiant has observed...Bruce Schneier From Schneier on Security | January 20, 2021 at 11:57 PM
Google’s Project Zero has exposed a sophisticated watering-hole attack targeting both Windows and Android:
Some of the exploits were zero-days, meaning they targeted...Bruce Schneier From Schneier on Security | January 19, 2021 at 04:05 PM
Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process:
Key Points
SUNSPOT is StellarParticle...Bruce Schneier From Schneier on Security | January 18, 2021 at 05:19 PM
For a limited time, I am selling signed copies of Click Here to Kill Everybody in hardcover for just $6, plus shipping.
Note that I have had occasional problems...Bruce Schneier From Schneier on Security | January 15, 2021 at 12:27 PM
We all know that our cell phones constantly give our location away to our mobile network operators; that’s how they work. A group of researchers has figured out...Bruce Schneier From Schneier on Security | January 14, 2021 at 11:44 PM
This is a current list of where and when I am scheduled to speak:
I’m speaking (online) as part of Western Washington University’s Internet Studies Lecture Series...Schneier.com Webmaster From Schneier on Security | January 14, 2021 at 04:05 AM
Security researcher Ahmed Hassan has shown that spoofing the Android’s “People Nearby” feature allows him to pinpoint the physical location of Telegram users:
Using...Bruce Schneier From Schneier on Security | January 11, 2021 at 01:08 PM
Smart commentary:
…I was floored on Wednesday when, glued to my television, I saw police in some areas of the U.S. Capitol using little more than those same mobile...Bruce Schneier From Schneier on Security | January 11, 2021 at 01:08 PM
This is a clever side-channel attack:
The cloning works by using a hot air gun and a scalpel to remove the plastic key casing and expose the NXP A700X chip, which...Bruce Schneier From Schneier on Security | January 11, 2021 at 01:06 PM
New research:
Pile driving occurs during construction of marine platforms, including offshore windfarms, producing intense sounds that can adversely affect marine...Bruce Schneier From Schneier on Security | January 11, 2021 at 12:07 PM
If you’re a WhatsApp user, pay attention to the changes in the privacy policy that you’re being forced to agree with.
In 2016, WhatsApp gave users a one-time ability...Bruce Schneier From Schneier on Security | January 7, 2021 at 10:59 AM