acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

More on the SolarWinds Breach
From Schneier on Security

More on the SolarWinds Breach

The New York Times has more details. About 18,000 private and government users downloaded a Russian tainted software update –­ a Trojan horse of sorts ­– that...

Cellebrite Can Break Signal
From Schneier on Security

Cellebrite Can Break Signal

Cellebrite announced that it can break Signal. (Note that the company has heavily edited its blog post, but the original — with lots of technical details — wasarticle...

How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication
From Schneier on Security

How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication

This is interesting: Toward the end of the second incident that Volexity worked involving Dark Halo, the actor was observed accessing the e-mail account of a user...

US Schools Are Buying Cell Phone Unlocking Systems
From Schneier on Security

US Schools Are Buying Cell Phone Unlocking Systems

Gizmodo is reporting that schools in the US are buying equipment to unlock cell phones from companies like Cellebrite: Gizmodo has reviewed similar accounting documents...

Mexican Drug Cartels with High-Tech Spyware
From Schneier on Security

Mexican Drug Cartels with High-Tech Spyware

Sophisticated spyware, sold by surveillance tech companies to Mexican government agencies, are ending up in the hands of drug cartels: As many as 25 private companies...

Zodiac Killer Cipher Solved
From Schneier on Security

Zodiac Killer Cipher Solved

The SF Chronicle is reporting (more details here), and the FBI is confirming, that a Melbourne mathematician and team has decrypted the 1969 message sent by the...

Another Massive Russian Hack of US Government Networks
From Schneier on Security

Another Massive Russian Hack of US Government Networks

The press is reporting a massive hack of US government networks by sophisticated Russian hackers. Officials said a hunt was on to determine if other parts of the...

Should There Be Limits on Persuasive Technologies?
From Schneier on Security

Should There Be Limits on Persuasive Technologies?

Persuasion is as old as our species. Both democracy and the market economy depend on it. Politicians persuade citizens to vote for them, or to support different...

Upcoming Speaking Engagements
From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking (online) at Western Washington University on January 20, 2021. Details to come. I...

Authentication Failure
From Schneier on Security

Authentication Failure

This is a weird story of a building owner commissioning an artist to paint a mural on the side of his building — except that he wasn’t actually the building’s owner...

Friday Squid Blogging: Newly Identified Ichthyosaur Species Probably Ate Squid
From Schneier on Security

Friday Squid Blogging: Newly Identified Ichthyosaur Species Probably Ate Squid

This is a deep-diving species that “fed on small prey items such as squid.” Academic paper. As usual, you can also use this squid post to talk about the security...

A Cybersecurity Policy Agenda
From Schneier on Security

A Cybersecurity Policy Agenda

The Aspen Institute’s Aspen Cybersecurity Group — I’m a member — has released its cybersecurity policy agenda for the next four years. The next administration and...

Finnish Data Theft and Extortion
From Schneier on Security

Finnish Data Theft and Extortion

The Finnish psychotherapy clinic Vastaamo was the victim of a data breach and theft. The criminals tried extorting money from the clinic. When that failed, they...

FireEye Hacked
From Schneier on Security

FireEye Hacked

FireEye was hacked by — they believe — “a nation with top-tier offensive capabilities”: During our investigation to date, we have found that the attacker targeted...

Oblivious DNS-over-HTTPS
From Schneier on Security

Oblivious DNS-over-HTTPS

This new protocol, called Oblivious DNS-over-HTTPS (ODoH), hides the websites you visit from your ISP. Here’s how it works: ODoH wraps a layer of encryption around...

The 2020 Workshop on Economics and Information Security (WEIS)
From Schneier on Security

The 2020 Workshop on Economics and Information Security (WEIS)

The workshop on Economics and Information Security is always an interesting conference. This year, it will be online. Here’s the program. Registration is free.

Hiding Malware in Social Media Buttons
From Schneier on Security

Hiding Malware in Social Media Buttons

Clever tactic: This new malware was discovered by researchers at Dutch cyber-security company Sansec that focuses on defending e-commerce websites from digital...

Enigma Machine Recovered from the Baltic Sea
From Schneier on Security

Enigma Machine Recovered from the Baltic Sea

Neat story: German divers searching the Baltic Sea for discarded fishing nets have stumbled upon a rare Enigma cipher machine used by the Nazi military during...

Open Source Does Not Equal Secure
From Schneier on Security

Open Source Does Not Equal Secure

Way back in 1999, I wrote about open-source software: First, simply publishing the code does not automatically mean that people will examine it for security flaws...

Impressive iPhone Exploit
From Schneier on Security

Impressive iPhone Exploit

This is a scarily impressive vulnerability: Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bugbuffer...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account