2981 matches found
Friday Squid Blogging: Do Squid Have Emotions?
Scientists are now debating whether octopuses, squid, and crabs have emotions. Short answer: we dont know, but cant rule it out. There may be a point when humans can no longer assume that crayfish, shrimp, and other invertebrates dont feel pain and other emotions. "If they can no longer be...
Linux Improves Its Random Number Generator
In kernel version 5.17, both /dev/random and /dev/urandom have been replaced with a new -- identical -- algorithm based on the BLAKE2 hash function, which is an excellent security improvement...
Friday Squid Blogging: The Costs of Unregulated Squid Fishing
Greenpeace has published a report, "Squids in the Spotlight," on the extent and externalities of global squid fishing. News article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Where’s the Russia-Ukraine Cyberwar?
It has been interesting to notice how unimportant and ineffective cyber operations have been in the Russia-Ukraine war. Russia launched a wiper against Ukraine at the beginning, but it was found and neutered. Near as I can tell, the only thing that worked was the disabling of regional KA-SAT SATC...
Details of an NSA Hacking Operation
Pangu Lab in China just published a report of a hacking operation by the Equation Group aka the NSA. It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers aka some Russian group. …the scope of victims exceeded 287 targets in 45 countries,...
Privacy Violating COVID Tests
A good lesson in reading the fine print: Cignpost Diagnostics, which trades as ExpressTest and offers £35 tests for holidaymakers, said it holds the right to analyse samples from seals to "learn more about human health" -- and sell information on to third parties. Individuals are required to give...
Possible Government Surveillance of the Otter.ai Transcription App
A reporter interviews a Uyghur human-rights advocate, and uses the Otter.ai transcription app. The next day, I received an odd note from Otter.ai, the automated transcription app that I had used to record the interview. It read: “Hey Phelim, to help us improve your Otter’s experience, what was th...
Vendors are Fixing Security Flaws Faster
Googles Project Zero is reporting that software vendors are patching their code faster. tl;dr In 2021, vendors took an average of 52 days to fix security vulnerabilities reported from Project Zero. This is a significant acceleration from an average of about 80 days 3 years ago. In addition to the...
Secret CIA Data Collection Program
Two US senators claim that the CIA has been running an unregulated -- and almost certainly illegal -- mass surveillance program on Americans. The senators statement. Some declassified information from the CIA. No real details yet...
Friday Squid Blogging: Climate Change Causing “Squid Bloom” along Pacific Coast
The oceans are warmer, which means more squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Friday Squid Blogging: The Far Side Squid Comic
The Far Side is always good for a squid reference. Heres a recent one. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Friday Squid Blogging: Giant Squid Art
Images of giant squid and octopi attacking. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
MacOS Zero-Day Used against Hong Kong Activists
Google researchers discovered a MacOS zero-day exploit being used against Hong Kong activists. It was a "watering hole" attack, which means the malware was hidden in a legitimate website. Users visiting that website would get infected. From an article: Googles researchers were able to trigger the...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’ll be speaking at an Informa event on November 29, 2021. Details to come. The list is maintained on this page...
Friday Squid Blogging: Possible Evidence of Squid Paternal Care
Researchers have found possible evidence of paternal care among bigfin reef squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Security Risks of Relying on a Single Smartphone
Isracard used a single cell phone to communicate with credit card clients, and receive documents via WhatsApp. An employee stole the phone. He reformatted the phone and replaced the SIM card, which was oddly the best possible outcome, given the circumstances. Using the data to steal money would...
Hacking AI-Graded Tests
The company Edgenuity sells AI systems for grading tests. Turns out that they just search for keywords without doing any actual semantic analysis...
UAE Hack and Leak Operations
Interesting paper on recent hack-and-leak operations attributed to the UAE: Abstract: Four hack-and-leak operations in U.S. politics between 2016 and 2019, publicly attributed to the United Arab Emirates UAE, Qatar, and Saudi Arabia, should be seen as the "simulation of scandal" -- deliberate...
Data and Goliath Book Placement
Notice the copy of Data and Goliath just behind the head of Maine Senator Angus King. This demonstrates the importance of a vibrant color and a large font...
Friday Squid Blogging: Fantastic Video of a Juvenile Giant Squid
It's amazing: Then, about 20 hours into the recording from the Medusa's fifth deployment, Dr. Robinson saw the sharp points of tentacles sneaking into the camera's view. "My heart felt like exploding," he said on Thursday, over a shaky phone connection from the ship's bridge. At first, the animal...
Stealing Nativity Displays
The New York Times is reporting on the security measures people are using to protect nativity displays...
CIA Network Exposed through Insecure Communications System
Interesting story of a CIA intelligence network in China that was exposed partly because of a computer security failure: Although they used some of the same coding, the interim system and the main covert communication platform used in China at this time were supposed to be clearly separated. In...
IoT Inspector Tool from Princeton
Researchers at Princeton University have released IoT Inspector, a tool that analyzes the security and privacy of IoT devices by examining the data they send across the Internet. They've already used the tool to study a bunch of different IoT devices. From their blog post: Finding 3: Many IoT...
Jumping Air Gaps
Nice profile of Mordechai Guri, who researches a variety of clever ways to steal data over air-gapped computers. Guri and his fellow Ben-Gurion researchers have shown, for instance, that it's possible to trick a fully offline computer into leaking data to another nearby device via the noise its...
Amazon's Door Lock Is Amazon's Bid to Control Your Home
Interesting essay about Amazon's smart lock: When you add Amazon Key to your door, something more sneaky also happens: Amazon takes over. You can leave your keys at home and unlock your door with the Amazon Key app -- but it's really built for Amazon deliveries. To share online access with family...
Details on the Mirai Botnet Authors
Brian Krebs has a long article on the Mirai botnet authors, who pled guilty...
Firing a Locked Smart Gun
The Armatix IP1 "smart gun" can only be fired by someone who is wearing a special watch. Unfortunately, this security measure is easily hackable...
Amazon Patents Measures to Prevent In-Store Comparison Shopping
Amazon has been issued a patent on security measures that prevents people from comparison shopping while in the store. It's not a particularly sophisticated patent -- it basically detects when you're using the in-store Wi-Fi to visit a competitor's site and then blocks access -- but it is an...
Surveillance Intermediaries
Interesting law-journal article: "Surveillance Intermediaries," by Alan Z. Rozenshtein. Abstract:Apple's 2016 fight against a court order commanding it to help the FBI unlock the iPhone of one of the San Bernardino terrorists exemplifies how central the question of regulating government...
Embedding Forbidden Text in Spyware to Discourage AI Analysis
At least one malware developer is adding text about nuclear and biological weapons to their spyware, in an effort to stop automatic AI analysis. Details: The index.js payload begins with a large JavaScript block comment containing fake system instructions and policy-triggering content. Because it...
AI Worm
Researchers have prototyped an AI-powered internet worm. The coolest thing about the prototype is that it carries its own LLM with it, and runs it on computers that have been broken into. This is the closest to John Brunner's original 1975 conception of a computer worm that I've seen...
The Intersection of Encryption and AI
As part of their 20th Anniversary celebration, Dark Reading asked five cybersecurity industry leaders who wrote blogs or columns for them over the years to select their favorite piece and share their reflections on the topic today. This is my section. Renowned technologist and author Bruce Schnei...
Microsoft Threatening Security Researcher
An anonymous security researcher called "Nightmare Eclipse" has been publishing a series of significant security exploits against Microsoft Windows--including one that breaks BitLocker. Microsoft has threatened legal action against the researcher. Lots of recriminations are being traded back and...
Copy.Fail Linux Vulnerability
This is the worst Linux vulnerability in years. TL;DR copy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack. Disclosed by Theori on 29 April 2026 with a working PoC. It abuses the kernel crypto API AFALG sockets plus splice to write four bytes at a time straigh...
Smart Glasses for the Authorities
ICE is developing its own version of smart glasses, with facial recognition tied to various databases...
FBI Extracts Deleted Signal Messages from iPhone Notification Database
404 Media reports alternate site: The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the content were saved in the device’s push notification database…. The news shows how forensic...
Generative AI as a Cybercrime Assistant
Anthropic reports on a Claude user: We recently disrupted a sophisticated cybercriminal that used Claude Code to commit large-scale theft and extortion of personal data. The actor targeted at least 17 distinct organizations, including in healthcare, the emergency services, and government and...
We Are Still Unable to Secure LLMs from Malicious Inputs
Nice indirect prompt injection attack: Bargury's attack starts with a poisoned document, which is shared to a potential victim's Google Drive. Bargury says a victim could have also uploaded a compromised file to their own account. It looks like an official document on company meeting policies. Bu...
Communications Backdoor in Chinese Power Inverters
This is a weird story: U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said. … Over the past nine...
Chinese AI Submersible
A Chinese company has developed an AI-piloted submersible that can reach speeds "similar to a destroyer or a US Navy torpedo," dive "up to 60 metres underwater," and "remain static for more than a month, like the stealth capabilities of a nuclear submarine." In case you're worried about the...
How to Leak to a Journalist
Neiman Lab has some good advice on how to leak a story to a journalist...
More Countries are Demanding Backdoors to Encrypted Apps
Last month, I wrote about the UK forcing Apple to break its Advanced Data Protection encryption in iCloud. More recently, both Sweden and France are contemplating mandating backdoors. Both initiatives are attempting to scare people into supporting backdoors, which are--of course--are terrible ide...
Friday Squid Blogging: Eating Bioluminescent Squid
Firefly squid is now a delicacy in New York. Blog moderation policy...
New VPN Backdoor
A newly discovered VPN backdoor uses some interesting tactics to avoid detection: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can't be leveraged by competing groups or detected by defenders. One countermeasure is to equip the...
Surveillance Watch
This is a fantastic project mapping the global surveillance industry...
The State of Ransomware
Palo Alto Networks published its semi-annual report on ransomware. From the Executive Summary: Unit 42 monitors ransomware and extortion leak sites closely to keep tabs on threat activity. We reviewed compromise announcements from 53 dedicated leak sites in the first half of 2024 and found 1,762...
Security Analysis of the EU’s Digital Wallet
A group of cryptographers have analyzed the eiDAS 2.0 regulation electronic identification and trust services that defines the new EU Digital Identity Wallet...
Recovering Public Keys from Signatures
Interesting summary of various ways to derive the public key from digitally signed files. Normally, with a signature scheme, you have the public key and want to know whether a given signature is valid. But what if we instead have a message and a signature, assume the signature is valid, and want ...
Demo of AES GCM Misuse Problems
This is really neat demo of the security problems arising from reusing nonces with a symmetric cipher in GCM mode...
Zero-Trust DNS
Microsoft is working on a promising-looking protocol to lock down DNS. ZTDNS aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform--the core component of the Windows Firewall--directly into client devices. Jake Williams, VP of research an...