Lucene search
K
SchneierRecent

2980 matches found

Schneier on Security
Schneier on Security
added 2021/02/25 12:19 p.m.44 views

On Chinese-Owned Technology Platforms

I am a co-author on a report published by the Hoover Institution: "Chinese Technology Platforms Operating in the United States." From a blog post: The report suggests a comprehensive framework for understanding and assessing the risks posed by Chinese technology platforms in the United States and...

1.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/24 12:19 p.m.77 views

Twelve-Year-Old Vulnerability Found in Windows Defender

Researchers found, and Microsoft has patched, a vulnerability in Windows Defender that has been around for twelve years. There is no evidence that anyone has used the vulnerability during that time. The flaw, discovered by researchers at the security firm SentinelOne, showed up in a driver that...

2.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/23 12:18 p.m.49 views

Dependency Confusion: Another Supply-Chain Vulnerability

Alex Birsan writes about being able to install malware into proprietary corporate software by naming the code files to be identical to internal corporate code files. From a ZDNet article: Today, developers at small or large companies use package managers to download and import libraries that are...

1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/22 12:17 p.m.54 views

GPS Vulnerabilities

Really good op-ed in the New York Times about how vulnerable the GPS system is to interference, spoofing, and jamming -- and potential alternatives. The 2018 National Defense Authorization Act included funding for the Departments of Defense, Homeland Security and Transportation to jointly conduct...

1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/19 10:16 p.m.57 views

Friday Squid Blogging: Amazing Video of a Black-Eyed Squid Trying to Eat an Owlfish

From the Monterey Bay Aquarium. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

2.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/19 12:0 p.m.54 views

Router Security

This report is six months old, and I dont know anything about the organization that produced it, but it has some alarming data about router security. Conclusion: Our analysis showed that Linux is the most used OS running on more than 90% of the devices. However, many routers are powered by very o...

0.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/18 8:14 p.m.42 views

WEIS 2021 Call for Papers

The 20th Annual Workshop on the Economics of Information Security WEIS 2021 will be held online in June. We just published the call for papers...

0.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/18 12:13 p.m.45 views

Virginia Data Privacy Law

Virginia is about to get a data privacy law, modeled on Californias law...

3.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/17 12:5 p.m.63 views

Browser Tracking Using Favicons

Interesting research on persistent web tracking using favicons. For those who dont know, favicons are those tiny icons that appear in browser tabs next to the page name. Abstract: The privacy threats of online tracking have garnered considerable attention in recent years from researchers and...

2.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/16 12:13 p.m.45 views

Malicious Barcode Scanner App

Interesting story about a barcode scanner app that has been pushing malware on to Android phones. The app is called Barcode Scanner. Its been around since 2017 and is owned by the Ukrainian company Lavabird Ldt. But a December 2020 update included some new features: However, a rash of malicious...

7.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/15 8:50 p.m.63 views

US Cyber Command Valentine’s Day Cryptography Puzzles

The US Cyber Command has released a series of ten Valentines Day "Cryptography Challenge Puzzles." Slashdot thread. Reddit thread. And heres the archived link, in case Cyber Command takes the page down...

1.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/15 7:11 p.m.42 views

Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed

Vice is reporting on a new police hack: playing copyrighted music when being filmed by citizens, trying to provoke social media sites into taking the videos down and maybe even banning the filmers: In a separate part of the video, which Devermont says was filmed later that same afternoon, Devermo...

Exploits0
Schneier on Security
Schneier on Security
added 2021/02/15 12:14 p.m.50 views

On Vulnerability-Adjacent Vulnerabilities

At the virtual Enigma Conference, Googles Project Zeros Maggie Stone gave a talk about zero-day exploits in the wild. In it, she talked about how often vendors fix vulnerabilities only to have the attackers tweak their exploits to work again. From a MIT Technology Review article: Soon after they...

Exploits0
Schneier on Security
Schneier on Security
added 2021/02/13 5:41 p.m.56 views

Chinese Supply-Chain Attack on Computer Systems

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. Its been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: Chinas exploitation of products made by...

Exploits0
Schneier on Security
Schneier on Security
added 2021/02/12 10:3 p.m.27 views

Friday Squid Blogging: Flying Squid

How squid fly. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

1.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/12 8:5 p.m.73 views

Medieval Security Techniques

Sonja Drummer describes with photographs two medieval security techniques. The first is a for authentication: a document has been cut in half with an irregular pattern, so that the two halves can be brought together to prove authenticity. The second is for integrity: hashed lines written above an...

1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/12 12:8 p.m.42 views

Attack against Florida Water Treatment Facility

A water treatment plant in Oldsmar, Florida, was attacked last Friday. The attacker took control of one of the systems, and increased the amount of sodium hydroxide -- thats lye -- by a factor of 100. This could have been fatal to people living downstream, if an alert operator hadnt noticed the...

3.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/10 1:39 p.m.30 views

Ransomware Profitability

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019. Based on the companys data, among last years top earners, there were groups like Ryuk, Maze now-defunct, Doppelpaymer, Netwalker disrupted by...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/09 12:1 p.m.24 views

Web Credit Card Skimmer Steals Data from Another Credit Card Skimmer

MalwareBytes is reporting a weird software credit card skimmer. It harvests credit card data stolen by another, different skimmer: Even though spotting multiple card skimmer scripts on the same online shop is not unheard of, this one stood out due to its highly specialized nature. "The threat...

0.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/08 6:11 p.m.43 views

SonicWall Zero-Day

Hackers are exploiting a zero-day in SonicWall: In an email, an NCC Group spokeswoman wrote: "Our team has observed signs of an attempted exploitation of a vulnerabilitythat affects the SonicWall SMA 100 series devices. We are working closely with SonicWall to investigate this in more depth." In...

0.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/08 12:34 p.m.53 views

NoxPlayer Android Emulator Supply-Chain Attack

It seems to be the season of sophisticated supply-chain attacks. This one is in the NoxPlayer Android emulator: ESET says that based on evidence its researchers gathered, a threat actor compromised one of the companys official API api.bignox.com and file-hosting servers res06.bignox.com. Using th...

1.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/05 10:13 p.m.34 views

Friday Squid Blogging: Live Giant Squid Found in Japan

A giant squid was found alive in the port of Izumo, Japan. Not a lot of news, just this Twitter thread with a couple of videos. If confirmed, I believe this will be the THIRD time EVER a giant squid was filmed alive! As usual, you can also use this squid post to talk about the security stories in...

1.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/05 11:58 a.m.40 views

Presidential Cybersecurity and Pelotons

President Biden wants his Peloton in the White House. For those who have missed the hype, its an Internet-connected stationary bicycle. It has a screen, a camera, and a microphone. You can take live classes online, work out with your friends, or join the exercise social network. And all of that i...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/04 12:11 p.m.57 views

Another SolarWinds Orion Hack

At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor -- believed to be Chinese in origin -- was using an already existing vulnerability in Orion to penetrate networks: Two people briefed on the case said FBI investigators...

0.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/03 12:10 p.m.37 views

More SolarWinds News

Microsoft analyzed details of the SolarWinds attack: Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported this month that another related piece of malware, Sunspot, was deployed in September 2019, at the time hackers breached SolarWinds...

0.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/01 4:9 p.m.53 views

Georgia’s Ballot-Marking Devices

Andrew Appel discusses Georgias voting machines, how the paper ballots facilitated a recount, and the problem with automatic ballot-marking devices: Suppose the polling-place optical scanners had been hacked enough to change the outcome. Then this would have been detected in the audit, and in...

0.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/29 10:6 p.m.40 views

Friday Squid Blogging: Squids Don’t Like Pile-Driving Noises

New research: Pile driving occurs during construction of marine platforms, including offshore windfarms, producing intense sounds that can adversely affect marine animals. We quantified how a commercially and economically important squid Doryteuthis pealeii: Lesueur 1821 responded to pile driving...

0.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/29 6:3 p.m.30 views

Including Hackers in NATO Wargames

This essay makes the point that actual computer hackers would be a useful addition to NATO wargames: The international information security community is filled with smart people who are not in a military structure, many of whom would be excited to pose as independent actors in any upcoming...

0.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/29 3:20 p.m.27 views

New iMessage Security Features

Apple has added added security features to mitigate the risk of zero-click iMessage attacks. Apple did not document the changes but Groß said he fiddled around with the newest iOS 14 and found that Apple shipped a "significant refactoring of iMessage processing" that severely cripples the usual...

1.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/28 12:2 p.m.52 views

Police Have Disrupted the Emotet Botnet

A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware. Subjects of emails and documents in Emotet campaigns are...

0.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/27 2:59 p.m.29 views

Dutch Insider Attack on COVID-19 Data

Insider data theft: Dutch police have arrested two individuals on Friday for allegedly selling data from the Dutch health ministrys COVID-19 systems on the criminal underground. … According to Verlaan, the two suspects worked in DDG call centers, where they had access to official Dutch government...

2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/26 12:15 p.m.52 views

Massive Brazilian Data Breach

I think this is the largest data breach of all time: 220 million people. Lots more stories are in Portuguese...

2.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/25 3:33 p.m.46 views

Insider Attack on Home Surveillance Systems

No one who reads this blog regularly will be surprised: A former employee of prominent home security company ADT has admitted that he hacked into the surveillance feeds of dozens of customer homes, doing so primarily to spy on naked women or to leer at unsuspecting couples while they had sex. …...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/22 10:19 p.m.30 views

Friday Squid Blogging: Vegan Chili Squid

The restaurant chain Wagamama is selling a vegan version of its Chilli Squid side dish made from king oyster mushrooms. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

2.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/21 12:31 p.m.73 views

SVR Attacks on Microsoft 365

FireEye is reporting the current known tactics that the SVR used to compromise Microsoft 365 cloud data as part of its SolarWinds operation: Mandiant has observed UNC2452 and other threat actors moving laterally to the Microsoft 365 cloud using a combination of four primary techniques: Steal the...

1.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/20 12:0 p.m.31 views

Sophisticated Watering Hole Attack

Googles Project Zero has exposed a sophisticated watering-hole attack targeting both Windows and Android: Some of the exploits were zero-days, meaning they targeted vulnerabilities that at the time were unknown to Google, Microsoft, and most outside researchers both companies have since patched t...

2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/19 12:16 p.m.39 views

Injecting a Backdoor into SolarWinds Orion

Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process: Key Points SUNSPOT is StellarParticles malware used to insert the SUNBURST backdoor into software builds of the SolarWinds Orion IT management product. SUNSPOT monitors...

1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/15 10:3 p.m.47 views

Friday Squid Blogging: China Launches Six New Squid Jigging Vessels

From Pingtan Marine Enterprise: The 6 large-scale squid jigging vessels are normally operating vessels that returned to China earlier this year from the waters of Southwest Atlantic Ocean for maintenance and repair. These vessels left the port of Mawei on December 17, 2020 and are sailing to the...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/15 6:26 p.m.62 views

Click Here to Kill Everybody Sale

For a limited time, I am selling signed copies of Click Here to Kill Everybody in hardcover for just $6, plus shipping. Note that I have had occasional problems with international shipping. The book just disappears somewhere in the process. At this price, international orders are at the buyers...

0.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/15 12:36 p.m.42 views

Cell Phone Location Privacy

We all know that our cell phones constantly give our location away to our mobile network operators; that’s how they work. A group of researchers has figured out a way to fix that. “Pretty Good Phone Privacy” PGPP protects both user identity and user location using the existing cellular networks. ...

0.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/14 5:42 p.m.42 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: Im speaking online as part of Western Washington Universitys Internet Studies Lecture Series on January 20, 2021. Im speaking online at ITU Denmark on February 2, 2021. Details to come. Im being interviewed by Keith Cronin as part ...

1.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/14 12:8 p.m.56 views

Finding the Location of Telegram Users

Security researcher Ahmed Hassan has shown that spoofing the Androids "People Nearby" feature allows him to pinpoint the physical location of Telegram users: Using readily available software and a rooted Android device, hes able to spoof the location his device reports to Telegram servers. By usi...

0.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/13 12:6 p.m.21 views

On US Capitol Security — By Someone Who Manages Arena-Rock-Concert Security

Smart commentary: …I was floored on Wednesday when, glued to my television, I saw police in some areas of the U.S. Capitol using little more than those same mobile gates I had ­ the ones that look like bike racks that can hook together ­ to try to keep the crowds away from sensitive areas and,...

0.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/12 12:16 p.m.36 views

Cloning Google Titan 2FA keys

This is a clever side-channel attack: The cloning works by using a hot air gun and a scalpel to remove the plastic key casing and expose the NXP A700X chip, which acts as a secure element that stores the cryptographic secrets. Next, an attacker connects the chip to hardware and software that take...

0.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/11 12:17 p.m.35 views

Changes in WhatsApp’s Privacy Policy

If youre a WhatsApp user, pay attention to the changes in the privacy policy that youre being forced to agree with. In 2016, WhatsApp gave users a one-time ability to opt out of having account data turned over to Facebook. Now, an updated privacy policy is changing that. Come next month, users wi...

0.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/08 10:2 p.m.44 views

Friday Squid Blogging: Searching for Giant Squid by Collecting Environmental DNA

The idea is to collect and analyze random DNA floating around the ocean, and using that to figure out where the giant squid are. No one is sure if this will actually work. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blo...

2.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/08 8:19 p.m.47 views

APT Horoscope

This delightful essay matches APT hacker groups up with astrological signs. This is me: Capricorn is renowned for its discipline, skilled navigation, and steadfastness. Just like Capricorn, Helix Kitten also known as APT 35 or OilRig is a skilled navigator of vast online networks, maneuvering...

1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/08 12:27 p.m.25 views

Russia’s SolarWinds Attack and Software Security

The information that is emerging about Russias extensive cyberintelligence operation against the United States and other countries should be increasingly alarming to the public. The magnitude of the hacking, now believed to have affected more than 250 federal agencies and businesses -- ­primarily...

0.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/07 12:14 p.m.39 views

Extracting Personal Information from Large Language Models Like GPT-2

Researchers have been able to find all sorts of personal information within GPT-2. This information was part of the training data, and can be extracted with the right sorts of queries. Paper: "Extracting Training Data from Large Language Models." Abstract: It has become common to publish large...

1.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/01/06 11:44 a.m.20 views

Backdoor in Zyxel Firewalls and Gateways

This is bad: More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. … Installing patches removes the backdoor...

3.9AI score
Exploits0
Total number of security vulnerabilities2980