2978 matches found
Was the Triton Malware Attack Russian in Origin?
The conventional story is that Iran targeted Saudi Arabia with Triton in 2017. New research from FireEye indicates that it might have been Russia. I don't know. FireEye likes to attribute all sorts of things to Russia, but the evidence here looks pretty good...
Nasty Windows Printer Driver Vulnerability
From SentinelLabs, a critical vulnerability in HP printer drivers: Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers also used by Samsung and Xerox, which impacts hundreds of millions of Windows machines. If exploited, cyberattackers...
More Cryptanalysis of Solitaire
In 1999, I invented the Solitaire encryption algorithm, designed to manually encrypt data using a deck of cards. It was written into the plot of Neal Stephenson's novel Cryptonomicon, and I even wrote an afterward to the book describing the cipher. I don't talk about it much, mostly because I mad...
How Apple's "Find My" Feature Works
Matthew Green intelligently speculates about how Apple's new "Find My" feature works. If you haven't already been inspired by the description above, let me phrase the question you ought to be asking: how is this system going to avoid being a massive privacy nightmare? Let me count the concerns: I...
Data, Surveillance, and the AI Arms Race
According to foreign policy experts and the defense establishment, the United States is caught in an artificial intelligence arms race with China -- one with serious implications for national security. The conventional version of this story suggests that the United States is at a disadvantage...
Clever Smartphone Malware Concealment Technique
This is clever: Malicious apps hosted in the Google Play market are trying a clever trick to avoid detection -- they monitor the motion-sensor input of an infected device before installing a powerful banking trojan to make sure it doesn't load on emulators researchers use to detect attacks. The...
Worst-Case Thinking Breeds Fear and Irrationality
Here's a crazy story from the UK. Basically, someone sees a man and a little girl leaving a shopping center. Instead of thinking "it must be a father and daughter, which happens millions of times a day and is perfectly normal," he thinks "this is obviously a case of child abduction and I must ale...
Friday Squid Blogging: Roasted Squid with Tomatillo Salsa
Recipe and commentary. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
Friday Squid Blogging: Eat Less Squid
The UK's Marine Conservation Society is urging people to eat less squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
I Have a New Book: We Have Root
I just published my third collection of essays: We Have Root. This book covers essays from 2013 to 2017. The first two are Schneier on Security and Carry On. There is nothing in this book is that is not available for free on my website; but if you'd like these essays in an easy-to-carry paperback...
A Harlequin Romance Novel about Hackers
Really...
Rock-Paper-Scissors Robot
How in the world did I not know about this for three years? Researchers at the University of Tokyo have developed a robot that always wins at rock-paper-scissors. It watches the human player's hand, figures out which finger position the human is about to deploy, and reacts quickly enough to alway...
Friday Squid Blogging: Squid Can Edit Their Own Genomes
This is new news: Revealing yet another super-power in the skillful squid, scientists have discovered that squid massively edit their own genetic instructions not only within the nucleus of their neurons, but also within the axon -- the long, slender neural projections that transmit electrical...
Research on Human Honesty
New research from Science: "Civic honesty around the globe": Abstract: Civic honesty is essential to social capital and economic development, but is often in conflict with material self-interest. We examine the trade-off between honesty and self-interest using field experiments in 355 cities...
Chrome Zero-Day from North Korea
North Korean hackers have been exploiting a zero-day in Chrome. The flaw, tracked as CVE-2022-0609, was exploited by two separate North Korean hacking groups. Both groups deployed the same exploit kit on websites that either belonged to legitimate organizations and were hacked or were set up for...
Adding a Hardware Backdoor to a Networked Computer
Interesting proof of concept: At the CS3sthlm security conference later this month, security researcher Monta Elkins will show how he created a proof-of-concept version of that hardware hack in his basement. He intends to demonstrate just how easily spies, criminals, or saboteurs with even minima...
Spanish Soccer League App Spies on Fans
The Spanish Soccer League's smartphone app spies on fans in order to find bars that are illegally streaming its games. The app listens with the microphone for the broadcasts, and then uses geolocation to figure out where the phone is. The Spanish data protection agency has ordered the league to...
Human Rights by Design
Good essay: "Advancing Human-Rights-By-Design In The Dual-Use Technology Industry," by Jonathon Penney, Sarah McKune, Lex Gill, and Ronald J. Deibert: But businesses can do far more than these basic measures. They could adopt a "human-rights-by-design" principle whereby they commit to designing...
Hacking Slot Machines by Reverse-Engineering the Random Number Generators
Interesting story: The venture is built on Alex's talent for reverse engineering the algorithms -- known as pseudorandom number generators, or PRNGs -- that govern how slot machine games behave. Armed with this knowledge, he can predict when certain games are likeliest to spit out moneyinsight...
Chinese Hackers Stole an NSA Windows Exploit in 2014
Check Point has evidence that probably government affiliated Chinese hackers stole and cloned an NSA Windows hacking tool years before probably government affiliated Russian hackers stole and then published the same tool. Heres the timeline: The timeline basically seems to be, according to Check...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I'm speaking at University College London on September 23, 2019. I'm speaking at World's Top 50 Innovators 2019 at the Royal Society in London on September 24, 2019. I'm speaking at Cyber Security Nordic in Helsinki, Finland on...
Friday Squid Blogging: 100-kg Squid Caught Off the Coast of Madeira
News. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
Friday Squid Blogging: Squid that Mate, Die, and Then Sink
The mating and death characteristics of some squid are fascinating. Research paper. EDITED TO ADD 2/5: Additional info and photos. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
Friday Squid Blogging: Squid Mural
Large squid mural in the Bushwick neighborhood of Brooklyn. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
iPhone Apps Surreptitiously Communicated with Unknown Servers
Long news article alternate source on iPhone privacy, specifically the enormous amount of data your apps are collecting without your knowledge. A lot of this happens in the middle of the night, when you're probably not otherwise using your phone: IPhone apps I discovered tracking me by passing...
iOS Shortcut for Recording the Police
"Hey Siri; I'm getting pulled over" can be a shortcut: Once the shortcut is installed and configured, you just have to say, for example, "Hey Siri, I'm getting pulled over." Then the program pauses music you may be playing, turns down the brightness on the iPhone, and turns on "do not disturb"...
Florida City Pays Ransomware
Learning from the huge expenses Atlanta and Baltimore incurred by refusing to pay ransomware, the Florida City of Riveria Beach decided to pay up. The ransom amount of almost $600,000 is a lot, but much cheaper than the alternative...
Election Security
Stanford University's Cyber Policy Center has published a long report on the security of US elections. Summary: it's not good...
Data Leakage from Encrypted Databases
Matthew Green has a super-interesting blog post about information leakage from encrypted databases. It describes the recent work by Paul Grubbs, Marie-Sarah Lacharité, Brice Minaud, and Kenneth G. Paterson. Even the summary is too much to summarize, so read it...
Reverse Location Search Warrants
The police are increasingly getting search warrants for information about all cell phones in a certain location at a certain time: Police departments across the country have been knocking at Google's door for at least the last two years with warrants to tap into the company's extensive stores of...
Critical Windows Vulnerability Discovered by NSA
Yesterday's Microsoft Windows patches included a fix for a critical vulnerability in the system's crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates. An attacker could exploit the vulnerability by using a...
Friday Squid Blogging: Planctotuethis Squid
Neat video, and an impressive-looking squid. I can't figure out how long it is. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
TPM-Fail Attacks Against Cryptographic Coprocessors
Really interesting research: TPM-FAIL: TPM meets Timing and Lattice Attacks, by Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, and Nadia Heninger. Abstract: Trusted Platform Module TPM serves as a hardware-based root of trust that protects cryptographic keys from privileged system and physical...
MongoDB Offers Field Level Encryption
MongoDB now has the ability to encrypt data by field: MongoDB calls the new feature Field Level Encryption. It works kind of like end-to-end encrypted messaging, which scrambles data as it moves across the internet, revealing it only to the sender and the recipient. In such a "client-side"...
Drone Denial-of-Service Attack against Gatwick Airport
Someone is flying a drone over Gatwick Airport in order to disrupt service: Chris Woodroofe, Gatwick's chief operating officer, said on Thursday afternoon there had been another drone sighting which meant it was impossible to say when the airport would reopen. He told BBC News: "There are 110,000...
Hacking Hardware Security Modules
Security researchers Gabriel Campana and Jean-Baptiste Bédrune are giving a hardware security module HSM talk at BlackHat in August: This highly technical presentation targets an HSM manufactured by a vendor whose solutions are usually found in major banks and large cloud service providers. It wi...
REvil is Off-Line
This is an interesting development: Just days after President Biden demanded that President Vladimir V. Putin of Russia shut down ransomware groups attacking American targets, the most aggressive of the groups suddenly went off-line early Tuesday. … Gone was the publicly available "happy blog" th...
Ransomware Recovery Firms Who Secretly Pay Hackers
ProPublica is reporting on companies that pretend to recover data locked up by ransomware, but just secretly pay the hackers and then mark up the cost to the victims...
Leaked NSA Hacking Tools
In 2016, a hacker group calling itself the Shadow Brokers released a trove of 2013 NSA hacking tools and related documents. Most people believe it is a front for the Russian government. Since, then the vulnerabilities and tools have been used by both government and criminals, and put the NSA's...
Machine Learning to Detect Software Vulnerabilities
No one doubts that artificial intelligence AI and machine learning ML will transform cybersecurity. We just don't know how, or when. While the literature generally focuses on the different uses of AI by attackers and defenders and the resultant arms race between the two I want to talk about...
Click Here to Kill Everybody Available as an Audiobook
Click Here to Kill Everybody is finally available on Audible.com. I have ten download codes. Not having anything better to do with them, here they are: 1. HADQSSFC98WCQ 2. LDLMC6AJLBDJY 3. YWSY8CXYMQNJ6 4. JWM7SGNUXX7DB 5. UPKAJ6MHB2LEF 6. M85YN36UR926H 7. 9ULE4NFAH2SLF 8. GU7A79GSDCXAT 9...
Friday Squid Blogging: Triassic Kraken
Research paper: "Triassic Kraken: The Berlin Ichthyosaur Death Assemblage Interpreted as a Giant Cephalopod Midden": Abstract: The Luning Formation at Berlin Ichthyosaur State Park, Nevada, hosts a puzzling assemblage of at least 9 huge ≤14 m juxtaposed ichthyosaurs Shonisaurus popularis...
Why Technologists Need to Get Involved in Public Policy
Last month, I gave a 15-minute talk in London titled: "Why technologists need to get involved in public policy." In it, I try to make the case for public-interest technologists. I also maintain a public-interest tech resources page, which has pretty much everything I can find in this space. If I'...
Friday Squid Blogging: Squid Perfume
It's not perfume for squids. Nor is it perfume made from squids. It's a perfume called Squid, "inspired by life in the sea." As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
Computers and Video Surveillance
It used to be that surveillance cameras were passive. Maybe they just recorded, and no one looked at the video unless they needed to. Maybe a bored guard watched a dozen different screens, scanning for something interesting. In either case, the video was only stored for a few days because storage...
Fraudulent Academic Papers
The term "fake news" has lost much of its meaning, but it describes a real and dangerous Internet trend. Because it's hard for many people to differentiate a real news site from a fraudulent one, they can be hoodwinked by fictitious news stories pretending to be real. The result is that otherwise...
Friday Squid Blogging: Searching for Humboldt Squid with Electronic Bait
Video and short commentary. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
Thangrycat: A Serious Cisco Vulnerability
Summary: Thangrycat is caused by a series of hardware design flaws within Cisco's Trust Anchor module. First commercially introduced in 2013, Cisco Trust Anchor module TAm is a proprietary hardware security module used in a wide range of Cisco products, including enterprise routers, switches and...
Gen. Nakasone on US Cyber Command
Really interesting article by and interview with Paul M. Nakasone Commander of US Cyber Command, Director of the National Security Agency, and Chief of the Central Security Service in the current issue of Joint Forces Quarterly. He talks about the evolving role of US Cyber Command, and its new...
Security Flaws in Children's Smart Watches
A year ago, the Norwegian Consumer Council published an excellent security analysis of children's GPS-connected smart watches. The security was terrible. Not only could parents track the children, anyone else could also track the children. A recent analysis checked if anything had improved after...