2980 matches found
New York Times Journalist Hacked with NSO Spyware
Citizen Lab is reporting that a New York Times journalist was hacked with the NSO Groups spyware Pegasus, probably by the Saudis. The world needs to do something about these cyberweapons arms manufacturers. This kind of thing isnt enough; NSO Group is an Israeli company...
Friday Squid Blogging: Squid Eating Maine Shrimp
Squid are eating Maine shrimp, causing a collapse of the ecosystem. This seems to be a result of climate change. Maines shrimp fishery has been closed for nearly a decade since the stocks collapse in 2013. Scientists are now saying a species of squid that came into the Gulf of Maine during a...
Nation-State Attacker of Telecommunications Networks
Someone has been hacking telecommunications networks around the world: LightBasin aka UNC1945 is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications...
Problems with Multifactor Authentication
Roger Grimes on why multifactor authentication isnt a panacea: The first time I heard of this issue was from a Midwest CEO. His organization had been hit by ransomware to the tune of $10M. Operationally, they were still recovering nearly a year later. And, embarrassingly, it was his most trusted ...
Textbook Rental Scam
Heres a story of someone who, with three compatriots, rented textbooks from Amazon and then sold them instead of returning them. They used gift cards and prepaid credit cards to buy the books, so there was no available balance when Amazon tried to charge them the buyout price for non-returned...
Using Machine Learning to Guess PINs from Video
Researchers trained a machine-learning system on videos of people typing their PINs into ATMs: By using three tries, which is typically the maximum allowed number of attempts before the card is withheld, the researchers reconstructed the correct sequence for 5-digit PINs 30% of the time, and...
Ransomware Attacks against Water Treatment Plants
According to a report from CISA last week, there were three ransomware attacks against water treatment plants last year. WWS Sector cyber intrusions from 2019 to early 2021 include: In August 2021, malicious cyber actors used Ghost variant ransomware against a California-based WWS facility. The...
Missouri Governor Doesn’t Understand Responsible Disclosure
The Missouri governor wants to prosecute the reporter who discovered a security vulnerability in a states website, and then reported it to the state. The newspaper agreed to hold off publishing any story while the department fixed the problem and protected the private information of teachers arou...
Friday Squid Blogging: New Giant Squid Video
New video of a large squid in the Red Sea at about 2,800 feet. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Security Risks of Client-Side Scanning
Even before Apple made its announcement, law enforcement shifted their battle for backdoors to client-side scanning. The idea is that they wouldnt touch the cryptography, but instead eavesdrop on communications and systems before encryption or after decryption. Its not a cryptographic backdoor, b...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’ll be speaking at an Informa event on November 29, 2021. Details to come. The list is maintained on this page...
Recovering Real Faces from Face-Generation ML System
New paper: "This Person Probably Exists. Identity Membership Attacks Against GAN Generated Faces. Abstract: Recently, generative adversarial networks GANs have achieved stunning realism, fooling even human observers. Indeed, the popular tongue-in-cheek website http://thispersondoesnotexist.com,...
Suing Infrastructure Companies for Copyright Violations
Its a matter of going after those with deep pockets. From Wired: Cloudflare was sued in November 2018 by Mon Cheri Bridals and Maggie Sottero Designs, two wedding dress manufacturers and sellers that alleged Cloudflare was guilty of contributory copyright infringement because it didnt terminate...
Airline Passenger Mistakes Vintage Camera for a Bomb
I feel sorry for the accused: The "security incident" that forced a New-York bound flight to make an emergency landing at LaGuardia Airport on Saturday turned out to be a misunderstanding -- after an airline passenger mistook another travelers camera for a bomb, sources said Sunday. American...
The European Parliament Voted to Ban Remote Biometric Surveillance
Its not actually banned in the EU yet -- the legislative process is much more complicated than that -- but its a step: a total ban on biometric mass surveillance. To respect "privacy and human dignity," MEPs said that EU lawmakers should pass a permanent ban on the automated recognition of...
Friday Squid Blogging: Strawberry Squid
Pretty pictures of a strawberry squid Histioteuthis heteropsis. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Syniverse Hack
This is interesting: A company that is a critical part of the global telecommunications infrastructure used by AT&T, T-Mobile, Verizon and several others around the world such as Vodafone and China Mobile, quietly disclosed that hackers were inside its systems for years, impacting more than 200 o...
Facebook Is Down
Facebook -- along with Instagram and WhatsApp -- went down globally today. Basically, someone deleted their BGP records, which made their DNS fall apart. …at approximately 11:39 a.m. ET today 15:39 UTC, someone at Facebook caused an update to be made to the companys Border Gateway Protocol BGP...
Cheating on Tests
Interesting story of test-takers in India using Bluetooth-connected flip-flops to communicate with accomplices while taking a test. Whats interesting is how this cheating was discovered. Its not that someone noticed the communication devices. Its that the proctors noticed that cheating test taker...
Friday Squid Blogging: Squid Game
Netflix has a new series called Squid Game, about people competing in a deadly game for money. It has nothing to do with actual squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
A Death Due to Ransomware
The Wall Street Journal is reporting on a babys death at an Alabama hospital in 2019, which they argue was a direct result of the ransomware attack the hospital was undergoing. Amid the hack, fewer eyes were on the heart monitors -- normally tracked on a large screen at the nurses station, in...
Hardening Your VPN
The NSA and CISA have released a document on how to harden your VPN...
Check What Information Your Browser Leaks
These two sites tell you what sorts of information youre leaking from your browser...
Tracking Stolen Cryptocurrencies
Good article about the current state of cryptocurrency forensics...
Friday Squid Blogging: Person in Squid Suit Takes Dog for a Walk
No, I dont understand it, either. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
I Am Not Satoshi Nakamoto
This isnt the first time Ive received an e-mail like this: Hey! Ive done my research and looked at a lot of facts and old forgotten archives. I know that you are Satoshi, I do not want to tell anyone about this. I just wanted to say that you created weapons of mass destruction where niches remain...
The Proliferation of Zero-days
The MIT Technology Review is reporting that 2021 is a blockbuster year for zero-day exploits: One contributing factor in the higher rate of reported zero-days is the rapid global proliferation of hacking tools. Powerful groups are all pouring heaps of cash into zero-days to use for themselves --...
ROT8000
ROT8000 is the Unicode equivalent of ROT13. Whats clever about it is that normal English looks like Chinese, and not like ciphertext to a typical Westerner, that is...
FBI Had the REvil Decryption Key
The Washington Post reports that the FBI had a decryption key for the REvil ransomware, but didnt pass it along to victims because it would have disrupted an ongoing operation. The key was obtained through access to the servers of the Russia-based criminal gang behind the July attack. Deploying i...
Alaska’s Department of Health and Social Services Hack
Apparently, a nation-state hacked Alaskas Department of Health and Social Services. Not sure why Alaskas Department of Health and Social Services is of any interest to a nation-state, but thats probably just my failure of imagination...
Friday Squid Blogging: Ram’s Horn Squid Shells
You can find rams horn squid shells on beaches in Texas and presumably elsewhere. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Zero-Click iMessage Exploit
Citizen Lab released a report on a zero-click iMessage exploit that is used in NSO Groups Pegasus spyware. Apple patched the vulnerability; everyone needs to update their OS immediately. News articles on the exploit...
Identifying Computer-Generated Faces
Its the eyes: The researchers note that in many cases, users can simply zoom in on the eyes of a person they suspect may not be real to spot the pupil irregularities. They also note that it would not be difficult to write software to spot such errors and for social media sites to use it to remove...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m keynoting CIISec Live—an all-online event—September 15-16, 2021. I’m speaking at the Infosecurity Magazine EMEA Autumn Online Summit on September 21, 2021. I’m speaking at the Cybersecurity and Data Privacy Law Conference in...
Designing Contact-Tracing Apps
Susan Landau wrote an essay on the privacy, efficacy, and equity of contract-tracing smartphone apps. Also see her excellent book on the topic...
Friday Squid Blogging: Possible Evidence of Squid Paternal Care
Researchers have found possible evidence of paternal care among bigfin reef squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
ProtonMail Now Keeps IP Logs
After being compelled by a Swiss court to monitor IP logs for a particular user, ProtonMail no longer claims that "we do not keep any IP logs." EDITED TO ADD 9/14: This seems to be more complicated. ProtonMail is not yet saying that they keep logs. Their privacy policy still states that they do n...
More Detail on the Juniper Hack and the NSA PRNG Backdoor
We knew the basics of this story, but its good to have more detail. Heres me in 2015 about this Juniper hack. Heres me in 2007 on the NSA backdoor...
Security Risks of Relying on a Single Smartphone
Isracard used a single cell phone to communicate with credit card clients, and receive documents via WhatsApp. An employee stole the phone. He reformatted the phone and replaced the SIM card, which was oddly the best possible outcome, given the circumstances. Using the data to steal money would...
Lightning Cable with Embedded Eavesdropping
Normal-looking cables USB-C, Lightning, and so on that exfiltrate data over a wireless network. I blogged about a previous prototype here...
Tracking People by their MAC Addresses
Yet another article on the privacy risks of static MAC addresses and always-on Bluetooth connections. This one is about wireless headphones. The good news is that product vendors are fixing this: Several of the headphones which could be tracked over time are for sale in electronics stores, but...
Friday Squid Blogging: Squid Communication
Interesting article on squid communication. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Hacker-Themed Board Game
Black Hat is a hacker-themed board game...
History of the HX-63 Rotor Machine
Jon D. Paul has written the fascinating story of the HX-63, a super-complicated electromechanical rotor cipher machine made by Crypto AG...
Zero-Click iPhone Exploits
Citizen Lab is reporting on two zero-click iMessage exploits, in spyware sold by the cyberweapons arms manufacturer NSO Group to the Bahraini government. These are particularly scary exploits, since they dont require to victim to do anything, like click on a link or open a file. The victim receiv...
More Military Cryptanalytics, Part III
Late last year, the NSA declassified and released a redacted version of Lambros D. Callimahoss Military Cryptanalytics, Part III. We just got most of the index. Its hard to believe that there are any real secrets left in this 44-year-old volume...
Excellent Write-up of the SolarWinds Security Breach
Robert Chesney wrote up the Solar Winds story as a case study, and its a really good summary...
Friday Squid Blogging: Tentacle Doorknob
Its pretty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Details of the Recent T-Mobile Breach
Seems that 47 million customers were affected. Surprising no one, T-Mobile had awful security. Ive lost count of how many times T-Mobile has been hacked...
Interesting Privilege Escalation Vulnerability
If you plug a Razer peripheral mouse or keyboard, I think into a Windows 10 or 11 machine, you can use a vulnerability in the Razer Synapse software -- which automatically downloads -- to gain SYSTEM privileges. It should be noted that this is a local privilege escalation LPE vulnerability, which...