Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.
Navigation
Return to Planet "Home"
Ordered/grouped:
Filter applied:
Current page:
Go to "Navigation Help" (page end)
Articles in this collection: 1,246

Source: Schneier on Security

Articles recieved 17/09/2021
Article: Friday Squid Blogging: Ram’s Horn Squid Shells - published about 3 years ago.
Content: You can find ram’s horn squid shells on beaches in Texas (and presumably elsewhere). As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/09/friday-squid-blogging-rams-horn-squid-shells.html 
🔥🔥
 
Published: 2021 09 17 21:14:48
Received: 2021 09 17 22:04:06
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Zero-Click iMessage Exploit - published about 3 years ago.
Content: Citizen Lab released a report on a zero-click iMessage exploit that is used in NSO Group’s Pegasus spyware. Apple patched the vulnerability; everyone needs to update their OS immediately. News articles on the exploit. ...
https://www.schneier.com/blog/archives/2021/09/zero-click-imessage-exploit.html 
🔥🔥
 
Published: 2021 09 17 11:09:27
Received: 2021 09 17 12:05:26
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:04 Friday Squid Blogging: Ram’s Horn Squid Shells
🔥🔥
12:05 Zero-Click iMessage Exploit
🔥🔥
Articles recieved 15/09/2021
Article: Identifying Computer-Generated Faces - published about 3 years ago.
Content: It’s the eyes: The researchers note that in many cases, users can simply zoom in on the eyes of a person they suspect may not be real to spot the pupil irregularities. They also note that it would not be difficult to write software to spot such errors and for social media sites to use it to remove such content. Unfortunately, they also note that now that suc...
https://www.schneier.com/blog/archives/2021/09/identifying-computer-generated-faces.html 
🔥🔥
 
Published: 2021 09 15 15:31:02
Received: 2021 09 15 16:05:41
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
16:05 Identifying Computer-Generated Faces
🔥🔥
Articles recieved 13/09/2021
Article: Designing Contact-Tracing Apps - published about 3 years ago.
Content: Susan Landau wrote an essay on the privacy, efficacy, and equity of contract-tracing smartphone apps. Also see her excellent book on the topic.
https://www.schneier.com/blog/archives/2021/09/designing-contact-tracing-apps.html 
🔥🔥
 
Published: 2021 09 13 11:41:46
Received: 2021 09 13 12:07:27
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:07 Designing Contact-Tracing Apps
🔥🔥
Articles recieved 10/09/2021
Article: Friday Squid Blogging: Possible Evidence of Squid Paternal Care - published about 3 years ago.
Content: Researchers have found possible evidence of paternal care among bigfin reef squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/09/friday-squid-blogging-possible-evidence-of-squid-paternal-care.html 
🔥🔥
 
Published: 2021 09 10 21:13:40
Received: 2021 09 10 22:06:51
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: ProtonMail Now Keeps IP Logs - published about 3 years ago.
Content: After being compelled by a Swiss court to monitor IP logs for a particular user, ProtonMail no longer claims that “we do not keep any IP logs.” EDITED TO ADD (9/14): This seems to be more complicated. ProtonMail is not yet saying that they keep logs. Their privacy policy still states that they do not keep logs except in certain circumstances, and outlines th...
https://www.schneier.com/blog/archives/2021/09/protonmail-now-keeps-ip-logs.html 
🔥🔥
 
Published: 2021 09 10 11:10:03
Received: 2021 09 10 12:05:26
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:06 Friday Squid Blogging: Possible Evidence of Squid Paternal Care
🔥🔥
12:05 ProtonMail Now Keeps IP Logs
🔥🔥
Articles recieved 09/09/2021
Article: More Detail on the Juniper Hack and the NSA PRNG Backdoor - published about 3 years ago.
Content: We knew the basics of this story, but it’s good to have more detail. Here’s me in 2015 about this Juniper hack. Here’s me in 2007 on the NSA backdoor. ...
https://www.schneier.com/blog/archives/2021/09/more-detail-on-the-juniper-hack-and-the-nsa-prng-backdoor.html 
🔥🔥
 
Published: 2021 09 09 11:13:10
Received: 2021 09 09 12:05:38
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 More Detail on the Juniper Hack and the NSA PRNG Backdoor
🔥🔥
Articles recieved 08/09/2021
Article: Security Risks of Relying on a Single Smartphone - published about 3 years ago.
Content: Isracard used a single cell phone to communicate with credit card clients, and receive documents via WhatsApp. An employee stole the phone. He reformatted the phone and replaced the SIM card, which was oddly the best possible outcome, given the circumstances. Using the data to steal money would have been much worse. Here’s a link to an archived version. ...
https://www.schneier.com/blog/archives/2021/09/security-risks-of-relying-on-a-single-smartphone.html 
🔥🔥
 
Published: 2021 09 08 11:02:31
Received: 2021 09 08 12:06:25
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:06 Security Risks of Relying on a Single Smartphone
🔥🔥
Articles recieved 07/09/2021
Article: Lightning Cable with Embedded Eavesdropping - published about 3 years ago.
Content: Normal-looking cables (USB-C, Lightning, and so on) that exfiltrate data over a wireless network. I blogged about a previous prototype here.
https://www.schneier.com/blog/archives/2021/09/lightning-cable-with-embedded-eavesdropping.html 
🔥🔥
 
Published: 2021 09 07 11:14:08
Received: 2021 09 07 12:04:05
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:04 Lightning Cable with Embedded Eavesdropping
🔥🔥
Articles recieved 06/09/2021
Article: Tracking People by their MAC Addresses - published about 3 years ago.
Content: Yet another article on the privacy risks of static MAC addresses and always-on Bluetooth connections. This one is about wireless headphones. The good news is that product vendors are fixing this: Several of the headphones which could be tracked over time are for sale in electronics stores, but according to two of the manufacturers NRK have spoken to, these m...
https://www.schneier.com/blog/archives/2021/09/tracking-people-by-their-mac-addresses.html 
🔥🔥
 
Published: 2021 09 06 11:11:03
Received: 2021 09 06 12:06:10
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:06 Tracking People by their MAC Addresses
🔥🔥
Articles recieved 03/09/2021
Article: Friday Squid Blogging: Squid Communication - published about 3 years ago.
Content: Interesting article on squid communication. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/09/friday-squid-blogging-squid-communication.html 
🔥🔥
 
Published: 2021 09 03 21:05:41
Received: 2021 09 03 22:07:12
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Hacker-Themed Board Game - published about 3 years ago.
Content: Black Hat is a hacker-themed board game.
https://www.schneier.com/blog/archives/2021/09/hacker-themed-board-game.html 
🔥🔥
 
Published: 2021 09 03 19:21:44
Received: 2021 09 03 20:05:05
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: History of the HX-63 Rotor Machine - published about 3 years ago.
Content: Jon D. Paul has written the fascinating story of the HX-63, a super-complicated electromechanical rotor cipher machine made by Crypto AG.
https://www.schneier.com/blog/archives/2021/09/history-of-the-hx-63-rotor-machine.html 
🔥🔥
 
Published: 2021 09 03 15:19:21
Received: 2021 09 03 16:06:24
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:07 Friday Squid Blogging: Squid Communication
🔥🔥
20:05 Hacker-Themed Board Game
🔥🔥
16:06 History of the HX-63 Rotor Machine
🔥🔥
Articles recieved 01/09/2021
Article: Zero-Click iPhone Exploits - published about 3 years ago.
Content: Citizen Lab is reporting on two zero-click iMessage exploits, in spyware sold by the cyberweapons arms manufacturer NSO Group to the Bahraini government. These are particularly scary exploits, since they don’t require to victim to do anything, like click on a link or open a file. The victim receives a text message, and then they are hacked. More on this here...
https://www.schneier.com/blog/archives/2021/09/zero-click-iphone-exploits.html 
🔥🔥
 
Published: 2021 09 01 11:14:47
Received: 2021 09 01 12:06:24
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:06 Zero-Click iPhone Exploits
🔥🔥
Articles recieved 31/08/2021
Article: More Military Cryptanalytics, Part III - published about 3 years ago.
Content: Late last year, the NSA declassified and released a redacted version of Lambros D. Callimahos’s Military Cryptanalytics, Part III. We just got most of the index. It’s hard to believe that there are any real secrets left in this 44-year-old volume. ...
https://www.schneier.com/blog/archives/2021/08/more-military-cryptanalytics-part-iii.html 
🔥🔥
 
Published: 2021 08 31 11:37:25
Received: 2021 08 31 12:08:08
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:08 More Military Cryptanalytics, Part III
🔥🔥
Articles recieved 30/08/2021
Article: Excellent Write-up of the SolarWinds Security Breach - published about 3 years ago.
Content: Robert Chesney wrote up the Solar Winds story as a case study, and it’s a really good summary.
https://www.schneier.com/blog/archives/2021/08/excellent-write-up-of-the-solarwinds-security-breach.html 
🔥🔥
 
Published: 2021 08 30 11:24:06
Received: 2021 08 30 12:05:29
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Excellent Write-up of the SolarWinds Security Breach
🔥🔥
Articles recieved 27/08/2021
Article: Friday Squid Blogging: Tentacle Doorknob - published about 3 years ago.
Content: It’s pretty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/08/friday-squid-blogging-tentacle-doorknob.html 
🔥🔥
 
Published: 2021 08 27 21:14:11
Received: 2021 08 27 22:06:13
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Details of the Recent T-Mobile Breach - published about 3 years ago.
Content: Seems that 47 million customers were affected. Surprising no one, T-Mobile had awful security. I’ve lost count of how many times T-Mobile has been hacked. ...
https://www.schneier.com/blog/archives/2021/08/details-of-the-recent-t-mobile-breach.html 
🔥🔥
 
Published: 2021 08 27 13:37:12
Received: 2021 08 27 14:06:59
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:06 Friday Squid Blogging: Tentacle Doorknob
🔥🔥
14:06 Details of the Recent T-Mobile Breach
🔥🔥
Articles recieved 26/08/2021
Article: Interesting Privilege Escalation Vulnerability - published about 3 years ago.
Content: If you plug a Razer peripheral (mouse or keyboard, I think) into a Windows 10 or 11 machine, you can use a vulnerability in the Razer Synapse software — which automatically downloads — to gain SYSTEM privileges. It should be noted that this is a local privilege escalation (LPE) vulnerability, which means that you need to have a Razer devices and physical acc...
https://www.schneier.com/blog/archives/2021/08/interesting-privilege-escalation-vulnerability.html 
🔥🔥
 
Published: 2021 08 26 11:28:00
Received: 2021 08 26 12:05:35
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Interesting Privilege Escalation Vulnerability
🔥🔥
Articles recieved 25/08/2021
Article: Surveillance of the Internet Backbone - published about 3 years ago.
Content: Vice has an article about how data brokers sell access to the Internet backbone. This is netflow data. It’s useful for cybersecurity forensics, but can also be used for things like tracing VPN activity. At a high level, netflow data creates a picture of traffic flow and volume across a network. It can show which server communicated with another, information ...
https://www.schneier.com/blog/archives/2021/08/surveillance-of-the-internet-backbone.html 
🔥🔥
 
Published: 2021 08 25 15:13:48
Received: 2021 08 25 16:06:15
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
16:06 Surveillance of the Internet Backbone
🔥🔥
Articles recieved 20/08/2021
Article: Friday Squid Blogging: On Squid Brains - published about 3 years ago.
Content: Interesting National Geographic article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/08/friday-squid-blogging-on-squid-brains.html 
🔥🔥
 
Published: 2021 08 20 21:18:14
Received: 2021 08 20 22:04:55
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: More on Apple’s iPhone Backdoor - published about 3 years ago.
Content: In this post, I’ll collect links on Apple’s iPhone backdoor for scanning CSAM images. Previous links are here and here. Apple says that hash collisions in its CSAM detection system were expected, and not a concern. I’m not convinced that this secondary system was originally part of the design, since it wasn’t discussed in the original specification. Good op-...
https://www.schneier.com/blog/archives/2021/08/more-on-apples-iphone-backdoor.html 
🔥🔥
 
Published: 2021 08 20 13:54:51
Received: 2021 08 20 14:06:28
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:04 Friday Squid Blogging: On Squid Brains
🔥🔥
14:06 More on Apple’s iPhone Backdoor
🔥🔥
Articles recieved 19/08/2021
Article: T-Mobile Data Breach - published about 3 years ago.
Content: It’s a big one: As first reported by Motherboard on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile’s servers and is selling a portion of it on an underground forum for 6 bitcoin, about $280,000. The trove includes not only names, phone numbers, and physical addresses but also more sensitive data like social secu...
https://www.schneier.com/blog/archives/2021/08/t-mobile-data-breach.html 
🔥🔥
 
Published: 2021 08 19 11:17:56
Received: 2021 08 19 12:05:57
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 T-Mobile Data Breach
🔥🔥
Articles recieved 18/08/2021
Article: Apple’s NeuralHash Algorithm Has Been Reverse-Engineered - published about 3 years ago.
Content: Apple’s NeuralHash algorithm — the one it’s using for client-side scanning on the iPhone — has been reverse-engineered. Turns out it was already in iOS 14.3, and someone noticed: Early tests show that it can tolerate image resizing and compression, but not cropping or rotations. We also have the first collision: two images that hash to the same value. The ne...
https://www.schneier.com/blog/archives/2021/08/apples-neuralhash-algorithm-has-been-reverse-engineered.html 
🔥🔥
 
Published: 2021 08 18 16:51:17
Received: 2021 08 18 17:04:55
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Tetris: Chinese Espionage Tool - published about 3 years ago.
Content: I’m starting to see writings about a Chinese espionage tool that exploits website vulnerabilities to try and identify Chinese dissidents.
https://www.schneier.com/blog/archives/2021/08/tetris-chinese-espionage-tool.html 
🔥🔥
 
Published: 2021 08 18 11:23:54
Received: 2021 08 18 12:06:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
17:04 Apple’s NeuralHash Algorithm Has Been Reverse-Engineered
🔥🔥
12:06 Tetris: Chinese Espionage Tool
🔥🔥
Articles recieved 13/08/2021
Article: Friday Squid Blogging: Squid Dog Toy - published about 3 years ago.
Content: It’s sold out, but the pictures are cute. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/08/squid-dog-toy.html 
🔥🔥
 
Published: 2021 08 06 21:05:38
Received: 2021 08 13 22:04:57
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Friday Squid Blogging: A Good Year for Squid? - published about 3 years ago.
Content: Improved ocean conditions are leading to optimism about this year’s squid catch. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/08/friday-squid-blogging-a-good-year-for-squid.html 
🔥🔥
 
Published: 2021 08 13 21:28:16
Received: 2021 08 13 22:04:57
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Using AI to Scale Spear Phishing - published about 3 years ago.
Content: The problem with spear phishing is that it takes time and creativity to create individualized enticing phishing emails. Researchers are using GPT-3 to attempt to solve that problem: The researchers used OpenAI’s GPT-3 platform in conjunction with other AI-as-a-service products focused on personality analysis to generate phishing emails tailored to their coll...
https://www.schneier.com/blog/archives/2021/08/using-ai-to-scale-spear-phishing.html 
🔥🔥
 
Published: 2021 08 13 11:16:00
Received: 2021 08 13 12:06:13
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:04 Friday Squid Blogging: Squid Dog Toy
🔥🔥
22:04 Friday Squid Blogging: A Good Year for Squid?
🔥🔥
12:06 Using AI to Scale Spear Phishing
🔥🔥
Articles recieved 12/08/2021
Article: Apple Adds a Backdoor to iMessage and iCloud Storage - published about 3 years ago.
Content: Apple’s announcement that it’s going to start scanning photos for child abuse material is a big deal. (Here are five news stories.) I have been following the details, and discussing it in several different email lists. I don’t have time right now to delve into the details, but wanted to post something. EFF writes: There are two main features that the company...
https://www.schneier.com/blog/archives/2021/08/apple-adds-a-backdoor-to-imesssage-and-icloud-storage.html 
🔥🔥
 
Published: 2021 08 10 11:37:30
Received: 2021 08 12 05:05:04
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Cobalt Strike Vulnerability Affects Botnet Servers - published about 3 years ago.
Content: Cobalt Strike is a security tool, used by penetration testers to simulate network attackers. But it’s also used by attackers — from criminals to governments — to automate their own attacks. Researchers have found a vulnerability in the product. The main components of the security tool are the Cobalt Strike client — also known as a Beacon — and the Cobalt Str...
https://www.schneier.com/blog/archives/2021/08/cobolt-strike-vulnerability-affects-botnet-servers.html 
🔥🔥
 
Published: 2021 08 11 11:42:27
Received: 2021 08 12 05:05:04
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
05:05 Apple Adds a Backdoor to iMessage and iCloud Storage
🔥🔥
05:05 Cobalt Strike Vulnerability Affects Botnet Servers
🔥🔥
Articles recieved 11/08/2021
Article: Cobolt Strike Vulnerability Affects Botnet Servers - published about 3 years ago.
Content: Cobolt Strike is a security tool, used by penetration testers to simulate network attackers. But it’s also used by attackers — from criminals to governments — to automate their own attacks. Researchers have found a vulnerability in the product. The main components of the security tool are the Cobalt Strike client — also known as a Beacon — and the Cobalt Str...
https://www.schneier.com/blog/archives/2021/08/cobolt-strike-vulnerability-affects-botnet-servers.html 
🔥🔥
 
Published: 2021 08 11 11:42:27
Received: 2021 08 11 12:05:12
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Cobolt Strike Vulnerability Affects Botnet Servers
🔥🔥
Articles recieved 10/08/2021
Article: Apple Adds a Backdoor to iMesssage and iCloud Storage - published about 3 years ago.
Content: Apple’s announcement that it’s going to start scanning photos for child abuse material is a big deal. (Here are five news stories.) I have been following the details, and discussing it in several different email lists. I don’t have time right now to delve into the details, but wanted to post something. EFF writes: There are two main features that the company...
https://www.schneier.com/blog/archives/2021/08/apple-adds-a-backdoor-to-imesssage-and-icloud-storage.html 
🔥🔥
 
Published: 2021 08 10 11:37:30
Received: 2021 08 10 12:06:01
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:06 Apple Adds a Backdoor to iMesssage and iCloud Storage
🔥🔥
Articles recieved 09/08/2021
Article: Defeating Microsoft’s Trusted Platform Module - published about 3 years ago.
Content: This is a really interesting story explaining how to defeat Microsoft’s TPM in 30 minutes — without having to solder anything to the motherboard. Researchers at the security consultancy Dolos Group, hired to test the security of one client’s network, received a new Lenovo computer preconfigured to use the standard security stack for the organization. They re...
https://www.schneier.com/blog/archives/2021/08/defeating-microsofts-trusted-platform-module.html 
🔥🔥
 
Published: 2021 08 09 11:19:49
Received: 2021 08 09 12:05:09
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Defeating Microsoft’s Trusted Platform Module
🔥🔥
Articles recieved 06/08/2021
Article: Squid Dog Toy - published about 3 years ago.
Content: It’s sold out, but the pictures are cute. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/08/squid-dog-toy.html 
🔥🔥
 
Published: 2021 08 06 21:05:38
Received: 2021 08 06 22:05:09
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Using “Master Faces” to Bypass Face-Recognition Authenticating Systems - published about 3 years ago.
Content: Fascinating research: “Generating Master Faces for Dictionary Attacks with a Network-Assisted Latent Space Evolution.” Abstract: A master face is a face image that passes face-based identity-authentication for a large portion of the population. These faces can be used to impersonate, with a high probability of success, any user, without having access to any ...
https://www.schneier.com/blog/archives/2021/08/using-master-faces-to-bypass-face-recognition-authenticating-systems.html 
🔥🔥
 
Published: 2021 08 06 11:44:53
Received: 2021 08 06 12:05:02
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:05 Squid Dog Toy
🔥🔥
12:05 Using “Master Faces” to Bypass Face-Recognition Authenticating Systems
🔥🔥
Articles recieved 05/08/2021
Article: Zoom Lied about End-to-End Encryption - published about 3 years ago.
Content: The facts aren’t news, but Zoom will pay $85M — to the class-action attorneys, and to users — for lying to users about end-to-end encryption, and for giving user data to Facebook and Google without consent. The proposed settlement would generally give Zoom users $15 or $25 each and was filed Saturday at US District Court for the Northern District of Californ...
https://www.schneier.com/blog/archives/2021/08/zoom-lied-about-end-to-end-encryption.html 
🔥🔥
 
Published: 2021 08 05 11:25:58
Received: 2021 08 05 12:05:13
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Zoom Lied about End-to-End Encryption
🔥🔥
Articles recieved 03/08/2021
Article: Paragon: Yet Another Cyberweapons Arms Manufacturer - published about 3 years ago.
Content: Forbes has the story: Paragon’s product will also likely get spyware critics and surveillance experts alike rubbernecking: It claims to give police the power to remotely break into encrypted instant messaging communications, whether that’s WhatsApp, Signal, Facebook Messenger or Gmail, the industry sources said. One other spyware industry executive said it a...
https://www.schneier.com/blog/archives/2021/08/paragon-yet-another-cyberweapons-arms-manufacturer.html 
🔥🔥
 
Published: 2021 08 03 11:44:47
Received: 2021 08 03 12:05:29
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Paragon: Yet Another Cyberweapons Arms Manufacturer
🔥🔥
Articles recieved 02/08/2021
Article: The European Space Agency Launches Hackable Satellite - published about 3 years ago.
Content: Of course this is hackable: A sophisticated telecommunications satellite that can be completely repurposed while in space has launched. […] Because the satellite can be reprogrammed in orbit, it can respond to changing demands during its lifetime. […] The satellite can detect and characterise any rogue emissions, enabling it to respond dynamically to accide...
https://www.schneier.com/blog/archives/2021/08/the-european-space-agency-launches-hackable-satellite.html 
🔥🔥
 
Published: 2021 08 02 11:46:55
Received: 2021 08 02 12:05:47
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 The European Space Agency Launches Hackable Satellite
🔥🔥
Articles recieved 30/07/2021
Article: Friday Squid Blogging: Squid Skin Is Naturally Anti-microbial - published about 3 years ago.
Content: Often it feels like squid just evolved better than us mammals. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/07/friday-squid-blogging-squid-skin-is-naturally-anti-microbial.html 
🔥🔥
 
Published: 2021 07 30 21:13:48
Received: 2021 07 30 22:04:52
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: I Am Parting With My Crypto Library - published about 3 years ago.
Content: The time has come for me to find a new home for my (paper) cryptography library. It’s about 150 linear feet of books, conference proceedings, journals, and monographs — mostly from the 1980s, 1990s, and 2000s. My preference is that it goes to an educational institution, but will consider a corporate or personal home if that’s the only option available. If yo...
https://www.schneier.com/blog/archives/2021/07/i-am-parting-with-my-crypto-library.html 
🔥🔥
 
Published: 2021 07 30 17:13:20
Received: 2021 07 30 18:05:13
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Storing Encrypted Photos in Google’s Cloud - published about 3 years ago.
Content: New paper: “Encrypted Cloud Photo Storage Using Google Photos“: Abstract: Cloud photo services are widely used for persistent, convenient, and often free photo storage, which is especially useful for mobile devices. As users store more and more photos in the cloud, significant privacy concerns arise because even a single compromise of a user’s credentials gi...
https://www.schneier.com/blog/archives/2021/07/storing-encrypted-photos-in-googles-cloud.html 
🔥🔥
 
Published: 2021 07 30 11:34:12
Received: 2021 07 30 12:05:00
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:04 Friday Squid Blogging: Squid Skin Is Naturally Anti-microbial
🔥🔥
18:05 I Am Parting With My Crypto Library
🔥🔥
12:05 Storing Encrypted Photos in Google’s Cloud
🔥🔥
Articles recieved 29/07/2021
Article: AirDropped Gun Photo Causes Terrorist Scare - published about 3 years ago.
Content: A teenager on an airplane sent a photo of a replica gun via AirDrop to everyone who had their settings configured to receive unsolicited photos from strangers. This caused a three-hour delay as the plane — still at the gate — was evacuated and searched. The teen was not allowed to reboard. I can’t find any information about whether he was charged with any of...
https://www.schneier.com/blog/archives/2021/07/airdropped-gun-photo-causes-terrorist-scare.html 
🔥🔥
 
Published: 2021 07 29 11:52:48
Received: 2021 07 29 12:05:14
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 AirDropped Gun Photo Causes Terrorist Scare
🔥🔥
Articles recieved 28/07/2021
Article: De-anonymization Story - published about 3 years ago.
Content: This is important: Monsignor Jeffrey Burrill was general secretary of the US Conference of Catholic Bishops (USCCB), effectively the highest-ranking priest in the US who is not a bishop, before records of Grindr usage obtained from data brokers was correlated with his apartment, place of work, vacation home, family members’ addresses, and more. […] The data ...
https://www.schneier.com/blog/archives/2021/07/de-anonymization-story.html 
🔥🔥
 
Published: 2021 07 28 11:03:57
Received: 2021 07 28 11:05:05
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
11:05 De-anonymization Story
🔥🔥
Articles recieved 27/07/2021
Article: Hiding Malware in ML Models - published about 3 years ago.
Content: Interesting research: “EvilModel: Hiding Malware Inside of Neural Network Models”. Abstract: Delivering malware covertly and detection-evadingly is critical to advanced malware campaigns. In this paper, we present a method that delivers malware covertly and detection-evadingly through neural network models. Neural network models are poorly explainable and ha...
https://www.schneier.com/blog/archives/2021/07/hiding-malware-in-ml-models.html 
🔥🔥
 
Published: 2021 07 27 11:25:59
Received: 2021 07 27 12:05:12
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Hiding Malware in ML Models
🔥🔥
Articles recieved 26/07/2021
Article: Disrupting Ransomware by Disrupting Bitcoin - published about 3 years ago.
Content: Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. Now, it’s become the criminal business model of the internet for two reasons. The first is the realization that no one values data more than its original owner, and it makes more sense to ransom it back to them — sometimes with the added extortion of threatening to make it pub...
https://www.schneier.com/blog/archives/2021/07/disrupting-ransomware-by-disrupting-bitcoin.html 
🔥🔥
 
Published: 2021 07 26 11:30:39
Received: 2021 07 26 12:05:13
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Disrupting Ransomware by Disrupting Bitcoin
🔥🔥
Articles recieved 23/07/2021
Article: Friday Squid Blogging: The Evolution of Squid - published about 3 years ago.
Content: Good video about the evolutionary history of squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/07/friday-squid-blogging-the-evolution-of-squid.html 
🔥🔥
 
Published: 2021 07 23 20:58:31
Received: 2021 07 23 21:05:13
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Nasty Windows Printer Driver Vulnerability - published about 3 years ago.
Content: From SentinelLabs, a critical vulnerability in HP printer drivers: Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers (also used by Samsung and Xerox), which impacts hundreds of millions of Windows machines. If exploited, cyberattackers could bypass security products; install programs; view, change,...
https://www.schneier.com/blog/archives/2021/07/nasty-printer-driver-vulnerability.html 
🔥🔥
 
Published: 2021 07 22 15:41:58
Received: 2021 07 23 14:05:01
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Commercial Location Data Used to Out Priest - published about 3 years ago.
Content: A Catholic priest was outed through commercially available surveillance data. Vice has a good analysis: The news starkly demonstrates not only the inherent power of location data, but how the chance to wield that power has trickled down from corporations and intelligence agencies to essentially any sort of disgruntled, unscrupulous, or dangerous individual. ...
https://www.schneier.com/blog/archives/2021/07/commercial-location-data-used-to-out-priest.html 
🔥🔥
 
Published: 2021 07 23 13:58:33
Received: 2021 07 23 14:05:01
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
21:05 Friday Squid Blogging: The Evolution of Squid
🔥🔥
14:05 Nasty Windows Printer Driver Vulnerability
🔥🔥
14:05 Commercial Location Data Used to Out Priest
🔥🔥
Articles recieved 22/07/2021
Article: Nasty Printer Driver Vulnerability - published about 3 years ago.
Content: From SentinelLabs, a critical vulnerability in HP printer drivers: Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers (also used by Samsung and Xerox), which impacts hundreds of millions of Windows machines. If exploited, cyberattackers could bypass security products; install programs; view, change,...
https://www.schneier.com/blog/archives/2021/07/nasty-printer-driver-vulnerability.html 
🔥🔥
 
Published: 2021 07 22 15:41:58
Received: 2021 07 22 16:07:11
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
16:07 Nasty Printer Driver Vulnerability
🔥🔥
Articles recieved 20/07/2021
Article: NSO Group Hacked - published about 3 years ago.
Content: NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked. Or, at least, an enormous trove of documents was leaked to journalists. There’s a lot to read out there. Amnesty International has a report. Citizen...
https://www.schneier.com/blog/archives/2021/07/nso-group-hacked.html 
🔥🔥
 
Published: 2021 07 20 18:50:56
Received: 2021 07 20 19:05:08
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
19:05 NSO Group Hacked
🔥🔥
Articles recieved 19/07/2021
Article: Candiru: Another Cyberweapons Arms Manufacturer - published about 3 years ago.
Content: Citizen Lab has identified yet another Israeli company that sells spyware to governments around the world: Candiru. From the report: Summary: Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Reportedly, their spyware can infect and monitor iPhones, Androids, Macs, PCs, and cloud accounts. Using Internet scanning we ...
https://www.schneier.com/blog/archives/2021/07/candiru-another-cyberweapons-arms-manufacturer.html 
🔥🔥
 
Published: 2021 07 19 15:54:58
Received: 2021 07 19 16:05:07
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
16:05 Candiru: Another Cyberweapons Arms Manufacturer
🔥🔥
Articles recieved 16/07/2021
Article: Friday Squid Blogging: Giant Squid Model - published about 3 years ago.
Content: Pretty wooden model. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
https://www.schneier.com/blog/archives/2021/07/friday-squid-blogging-giant-squid-model.html 
🔥🔥
 
Published: 2021 07 16 21:12:12
Received: 2021 07 16 22:05:07
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: REvil is Off-Line - published about 3 years ago.
Content: This is an interesting development: Just days after President Biden demanded that President Vladimir V. Putin of Russia shut down ransomware groups attacking American targets, the most aggressive of the groups suddenly went off-line early Tuesday. […] Gone was the publicly available “happy blog” the group maintained, listing some of its victims and the group...
https://www.schneier.com/blog/archives/2021/07/revil-is-off-line.html 
🔥🔥
 
Published: 2021 07 16 20:03:13
Received: 2021 07 16 20:05:04
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:05 Friday Squid Blogging: Giant Squid Model
🔥🔥
20:05 REvil is Off-Line
🔥🔥
Articles recieved 15/07/2021
Article: Colorado Passes Consumer Privacy Law - published about 3 years ago.
Content: First California. Then Virginia. Now Colorado. Here’s a good comparison of the three states’ laws.
https://www.schneier.com/blog/archives/2021/07/colorado-passes-consumer-privacy-law.html 
🔥🔥
 
Published: 2021 07 15 11:08:02
Received: 2021 07 15 12:05:18
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Colorado Passes Consumer Privacy Law
🔥🔥
Articles recieved 14/07/2021
Article: China Taking Control of Zero-Day Exploits - published about 3 years ago.
Content: China is making sure that all newly discovered zero-day exploits are disclosed to the government. Under the new rules, anyone in China who finds a vulnerability must tell the government, which will decide what repairs to make. No information can be given to “overseas organizations or individuals” other than the product’s manufacturer. No one may “collect, se...
https://www.schneier.com/blog/archives/2021/07/china-taking-control-of-zero-day-exploits.html 
🔥🔥
 
Published: 2021 07 14 11:04:46
Received: 2021 07 14 12:05:12
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 China Taking Control of Zero-Day Exploits
🔥🔥
Articles recieved 13/07/2021
Article: Iranian State-Sponsored Hacking Attempts - published about 3 years ago.
Content: Interesting attack: Masquerading as UK scholars with the University of London’s School of Oriental and African Studies (SOAS), the threat actor TA453 has been covertly approaching individuals since at least January 2021 to solicit sensitive information. The threat actor, an APT who we assess with high confidence supports Islamic Revolutionary Guard Corps (IR...
https://www.schneier.com/blog/archives/2021/07/iranian-state-sponsored-hacking-attempts.html 
🔥🔥
 
Published: 2021 07 13 14:04:19
Received: 2021 07 13 15:05:20
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
15:05 Iranian State-Sponsored Hacking Attempts
🔥🔥
Articles recieved 12/07/2021
Article: Analysis of the FBI’s Anom Phone - published about 3 years ago.
Content: Motherboard got its hands on one of those Anom phones that were really FBI honeypots. The details are interesting.
https://www.schneier.com/blog/archives/2021/07/analysis-of-the-fbis-anom-phone.html 
🔥🔥
 
Published: 2021 07 12 16:58:12
Received: 2021 07 12 17:05:10
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
17:05 Analysis of the FBI’s Anom Phone
🔥🔥
Articles recieved 09/07/2021
Article: Friday Squid Blogging: Squid-Related Game - published over 3 years ago.
Content: It’s called “Squid Fishering.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/07/friday-squid-blogging-squid-related-game.html 
🔥🔥
 
Published: 2021 07 09 21:03:11
Received: 2021 07 09 22:05:29
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:05 Friday Squid Blogging: Squid-Related Game
🔥🔥
Articles recieved 08/07/2021
Article: Details of the REvil Ransomware Attack - published over 3 years ago.
Content: ArsTechnica has a good story on the REvil ransomware attack of last weekend, with technical details: This weekend’s attack was carried out with almost surgical precision. According to Cybereason, the REvil affiliates first gained access to targeted environments and then used the zero-day in the Kaseya Agent Monitor to gain administrative control over the tar...
https://www.schneier.com/blog/archives/2021/07/details-of-the-revil-ransomware-attack.html 
🔥🔥
 
Published: 2021 07 08 15:06:31
Received: 2021 07 08 16:05:14
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
16:05 Details of the REvil Ransomware Attack
🔥🔥
Articles recieved 06/07/2021
Article: Vulnerability in the Kaspersky Password Manager - published over 3 years ago.
Content: A vulnerability (just patched) in the random number generator used in the Kaspersky Password Manager resulted in easily guessable passwords: The password generator included in Kaspersky Password Manager had several problems. The most critical one is that it used a PRNG not suited for cryptographic purposes. Its single source of entropy was the current time. ...
https://www.schneier.com/blog/archives/2021/07/vulnerability-in-the-kaspersky-password-manager.html 
🔥🔥
 
Published: 2021 07 06 14:27:47
Received: 2021 07 06 15:05:00
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
15:05 Vulnerability in the Kaspersky Password Manager
🔥🔥
Articles recieved 05/07/2021
Article: Stealing Xbox Codes - published over 3 years ago.
Content: Detailed story of Volodymyr Kvashuk, a Microsoft insider who noticed a bug in the company’s internal systems that allowed him to create unlimited Xbox gift cards, and stole $10.1 million before he was caught.
https://www.schneier.com/blog/archives/2021/07/stealing-xbox-codes.html 
🔥🔥
 
Published: 2021 07 05 11:11:07
Received: 2021 07 05 12:05:04
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Stealing Xbox Codes
🔥🔥
Articles recieved 02/07/2021
Article: Friday Squid Blogging: Best Squid-Related Headline - published over 3 years ago.
Content: From the New York Times: “When an Eel Climbs a Ramp to Eat Squid From a Clamp, That’s a Moray.” The article is about the eel; the squid is just eel food. But still…. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/07/friday-squid-blogging-best-squid-related-headline.html 
🔥🔥
 
Published: 2021 07 02 21:06:18
Received: 2021 07 02 22:05:02
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: More Russian Hacking - published over 3 years ago.
Content: Two reports this week. The first is from Microsoft, which wrote: As part of our investigation into this ongoing activity, we also detected information-stealing malware on a machine belonging to one of our customer support agents with access to basic account information for a small number of our customers. The actor used this information in some cases to laun...
https://www.schneier.com/blog/archives/2021/07/more-russian-hacking.html 
🔥🔥
 
Published: 2021 07 02 11:26:06
Received: 2021 07 02 12:05:07
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:05 Friday Squid Blogging: Best Squid-Related Headline
🔥🔥
12:05 More Russian Hacking
🔥🔥
Articles recieved 01/07/2021
Article: Insurance and Ransomware - published over 3 years ago.
Content: As ransomware becomes more common, I’m seeing more discussions about the ethics of paying the ransom. Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping. However, the most pressing challenge currently facing the industry is ransomware. Although it is a societal problem, cyber insurers ha...
https://www.schneier.com/blog/archives/2021/07/insurance-and-ransomware.html 
🔥🔥
 
Published: 2021 07 01 16:01:50
Received: 2021 07 01 16:06:40
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
16:06 Insurance and Ransomware
🔥🔥
Articles recieved 29/06/2021
Article: Risks of Evidentiary Software - published over 3 years ago.
Content: Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example). Bugs and vulnerabilities can lead to inaccurate evidence, but the proprietary nature of software makes it hard for defendants to examine it. The software engineers proposed a three-part test. Fir...
https://www.schneier.com/blog/archives/2021/06/risks-of-evidentiary-software.html 
🔥🔥
 
Published: 2021 06 29 14:12:45
Received: 2021 06 29 15:05:18
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
15:05 Risks of Evidentiary Software
🔥🔥
Articles recieved 28/06/2021
Article: NFC Flaws in POS Devices and ATMs - published over 3 years ago.
Content: It’s a series of vulnerabilities: Josep Rodriguez, a researcher and consultant at security firm IOActive, has spent the last year digging up and reporting vulnerabilities in the so-called near-field communications reader chips used in millions of ATMs and point-of-sale systems worldwide. NFC systems are what let you wave a credit card over a reader — rather ...
https://www.schneier.com/blog/archives/2021/06/nfc-flaws-in-pos-devices-and-atms.html 
🔥🔥
 
Published: 2021 06 28 11:53:45
Received: 2021 06 28 12:05:04
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 NFC Flaws in POS Devices and ATMs
🔥🔥
Articles recieved 25/06/2021
Article: Friday Squid Blogging: Colossal Squid Photographed off the Coast of Antarctica - published over 3 years ago.
Content: Wow. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
https://www.schneier.com/blog/archives/2021/06/friday-squid-blogging-colossal-squid-photographed-off-the-coast-of-antarctica.html 
🔥🔥
 
Published: 2021 06 25 21:20:00
Received: 2021 06 25 22:05:38
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: AI-Piloted Fighter Jets - published over 3 years ago.
Content: News from Georgetown’s Center for Security and Emerging Technology: China Claims Its AI Can Beat Human Pilots in Battle: Chinese state media reported that an AI system had successfully defeated human pilots during simulated dogfights. According to the Global Times report, the system had shot down several PLA pilots during a handful of virtual exercises in re...
https://www.schneier.com/blog/archives/2021/06/ai-piloted-fighter-jets.html 
🔥🔥
 
Published: 2021 06 25 13:53:27
Received: 2021 06 25 14:05:18
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:05 Friday Squid Blogging: Colossal Squid Photographed off the Coast of Antarctica
🔥🔥
14:05 AI-Piloted Fighter Jets
🔥🔥
Articles recieved 24/06/2021
Article: Banning Surveillance-Based Advertising - published over 3 years ago.
Content: The Norwegian Consumer Council just published a fantastic new report: “Time to Ban Surveillance-Based Advertising.” From the Introduction: The challenges caused and entrenched by surveillance-based advertising include, but are not limited to: privacy and data protection infringements opaque business models manipulation and discrimination at scale fraud and ...
https://www.schneier.com/blog/archives/2021/06/banning-surveillance-based-advertising.html 
🔥🔥
 
Published: 2021 06 24 14:44:39
Received: 2021 06 24 15:05:06
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
15:05 Banning Surveillance-Based Advertising
🔥🔥
Articles recieved 23/06/2021
Article: Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer - published over 3 years ago.
Content: Wired is reporting on a company called Mollitiam Industries: Marketing materials left exposed online by a third-party claim Mollitiam’s interception products, dubbed “Invisible Man” and “Night Crawler,” are capable of remotely accessing a target’s files, location, and covertly turning on a device’s camera and microphone. Its spyware is also said to be equipp...
https://www.schneier.com/blog/archives/2021/06/mollitiam-industries-is-the-newest-cyberweapons-arms-manufacturer.html 
🔥🔥
 
Published: 2021 06 23 11:01:53
Received: 2021 06 23 11:06:14
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
11:06 Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer
🔥🔥
Articles recieved 22/06/2021
Article: Apple Will Offer Onion Routing for iCloud/Safari Users - published over 3 years ago.
Content: At this year’s Apple Worldwide Developer Conference, Apple announced something called “iCloud Private Relay.” That’s basically its private version of onion routing, which is what Tor does. Privacy Relay is built into both the forthcoming iOS and MacOS versions, but it will only work if you’re an iCloud Plus subscriber and you have it enabled from within your...
https://www.schneier.com/blog/archives/2021/06/apple-will-offer-onion-routing-for-icloud-safari-users.html 
🔥🔥
 
Published: 2021 06 22 11:54:09
Received: 2021 06 22 12:05:22
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Apple Will Offer Onion Routing for iCloud/Safari Users
🔥🔥
Articles recieved 21/06/2021
Article: The Future of Machine Learning and Cybersecurity - published over 3 years ago.
Content: The Center for Security and Emerging Technology has a new report: “Machine Learning and Cybersecurity: Hype and Reality.” Here’s the bottom line: The report offers four conclusions: Machine learning can help defenders more accurately detect and triage potential attacks. However, in many cases these technologies are elaborations on long-standing methods — no...
https://www.schneier.com/blog/archives/2021/06/the-future-of-machine-learning-and-cybersecurity.html 
🔥🔥
 
Published: 2021 06 21 11:31:24
Received: 2021 06 21 12:06:21
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:06 The Future of Machine Learning and Cybersecurity
🔥🔥
Articles recieved 18/06/2021
Article: Friday Squid Blogging: Video of Giant Squid Hunting Prey - published over 3 years ago.
Content: Fantastic video of a giant squid hunting at depths between 1,827 and 3,117 feet. This is a follow-on from this post. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/06/friday-squid-blogging-video-of-giant-squid-hunting-prey.html 
🔥🔥
 
Published: 2021 06 18 21:06:44
Received: 2021 06 18 22:05:37
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Peloton Vulnerability Found and Fixed - published over 3 years ago.
Content: Researchers have discovered a vulnerability in Peloton stationary bicycles, one that would give the attacker complete control over the device. The attack requires physical access to the Peloton, so it’s not really a practical attack. President Biden’s Peloton was not in danger. ...
https://www.schneier.com/blog/archives/2021/06/peloton-vulnerability-found-and-fixed.html 
🔥🔥
 
Published: 2021 06 18 11:18:28
Received: 2021 06 18 12:05:35
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:05 Friday Squid Blogging: Video of Giant Squid Hunting Prey
🔥🔥
12:05 Peloton Vulnerability Found and Fixed
🔥🔥
Articles recieved 17/06/2021
Article: Intentional Flaw in GPRS Encryption Algorithm GEA-1 - published over 3 years ago.
Content: General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function. Although the algorithm has a 64-bit key, the effective key length is only 40 bits, due to “an exc...
https://www.schneier.com/blog/archives/2021/06/intentional-flaw-in-gprs-encryption-algorithm-gea-1.html 
🔥🔥
 
Published: 2021 06 17 18:51:41
Received: 2021 06 17 19:05:03
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Paul van Oorschot’s Computer Security and the Internet - published over 3 years ago.
Content: Paul van Oorschot’s webpage contains a complete copy of his book: Computer Security and the Internet: Tools and Jewels. It’s worth reading.
https://www.schneier.com/blog/archives/2021/06/paul-van-oorschots-computer-security-and-the-internet.html 
🔥🔥
 
Published: 2021 06 17 11:25:54
Received: 2021 06 17 12:05:03
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
19:05 Intentional Flaw in GPRS Encryption Algorithm GEA-1
🔥🔥
12:05 Paul van Oorschot’s Computer Security and the Internet
🔥🔥
Articles recieved 16/06/2021
Article: VPNs and Trust - published over 3 years ago.
Content: TorrentFreak surveyed nineteen VPN providers, asking them questions about their privacy practices: what data they keep, how they respond to court order, what country they are incorporated in, and so on. Most interesting to me is the home countries of these companies. Express VPN is incorporated in the British Virgin Islands. NordVPN is incorporated in Panama...
https://www.schneier.com/blog/archives/2021/06/vpns-and-trust.html 
🔥🔥
 
Published: 2021 06 16 11:17:53
Received: 2021 06 16 12:05:28
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 VPNs and Trust
🔥🔥
Articles recieved 15/06/2021
Article: Andrew Appel on New Hampshire’s Election Audit - published over 3 years ago.
Content: Really interesting two part analysis of the audit conducted after the 2020 election in Windham, New Hampshire. Based on preliminary reports published by the team of experts that New Hampshire engaged to examine an election discrepancy, it appears that a buildup of dust in the read heads of optical-scan voting machines (possibly over several years of use) can...
https://www.schneier.com/blog/archives/2021/06/andrew-appel-on-new-hampshires-election-audit.html 
🔥🔥
 
Published: 2021 06 15 15:45:12
Received: 2021 06 15 16:05:11
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
16:05 Andrew Appel on New Hampshire’s Election Audit
🔥🔥
Articles recieved 14/06/2021
Article: Upcoming Speaking Engagements - published over 2 years ago.
Content: This is a current list of where and when I am scheduled to speak: I’m giving an online-only talk on “Securing a World of Physically Capable Computers” as part of Teleport’s Security Visionaries 2022 series, on January 18, 2022. I’m speaking at IT-S Now 2022 in Vienna on June 2, 2022. I’m speaking at the 14th International Conference on Cyber Conflict, CyCon...
https://www.schneier.com/blog/archives/2022/01/upcoming-speaking-engagements-16.html 
🔥🔥
 
Published: 2022 01 14 18:02:41
Received: 2021 06 14 17:05:32
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: TikTok Can Now Collect Biometric Data - published over 3 years ago.
Content: This is probably worth paying attention to: A change to TikTok’s U.S. privacy policy on Wednesday introduced a new section that says the social video app “may collect biometric identifiers and biometric information” from its users’ content. This includes things like “faceprints and voiceprints,” the policy explained. Reached for comment, TikTok could not con...
https://www.schneier.com/blog/archives/2021/06/tiktok-can-now-collect-biometric-data.html 
🔥🔥
 
Published: 2021 06 14 15:11:11
Received: 2021 06 14 16:05:35
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
17:05 Upcoming Speaking Engagements
🔥🔥
16:05 TikTok Can Now Collect Biometric Data
🔥🔥
Articles recieved 11/06/2021
Article: Friday Squid Blogging: Fossil of Squid Eating and Being Eaten - published over 3 years ago.
Content: We now have a fossil of a squid eating a crustacean while it is being eaten by a shark. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/06/friday-squid-blogging-fossil-of-squid-eating-and-being-eaten.html 
🔥🔥
 
Published: 2021 06 11 21:18:48
Received: 2021 06 11 22:05:12
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: FBI/AFP-Run Encrypted Phone - published over 3 years ago.
Content: For three years, the Federal Bureau of Investigation and the Australian Federal Police owned and operated a commercial encrypted phone app, called AN0M, that was used by organized crime around the world. Of course, the police were able to read everything — I don’t even know if this qualifies as a backdoor. This week, the world’s police organizations announce...
https://www.schneier.com/blog/archives/2021/06/fbi-afp-run-encrypted-phone.html 
🔥🔥
 
Published: 2021 06 11 11:32:38
Received: 2021 06 11 12:05:13
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
22:05 Friday Squid Blogging: Fossil of Squid Eating and Being Eaten
🔥🔥
12:05 FBI/AFP-Run Encrypted Phone
🔥🔥
Articles recieved 10/06/2021
Article: Detecting Deepfake Picture Editing - published over 3 years ago.
Content: “Markpainting” is a clever technique to watermark photos in such a way that makes it easier to detect ML-based manipulation: An image owner can modify their image in subtle ways which are not themselves very visible, but will sabotage any attempt to inpaint it by adding visible information determined in advance by the markpainter. One application is tamper-r...
https://www.schneier.com/blog/archives/2021/06/detecting-deepfake-picture-editing.html 
🔥🔥
 
Published: 2021 06 10 11:19:19
Received: 2021 06 10 12:05:33
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 Detecting Deepfake Picture Editing
🔥🔥
Articles recieved 09/06/2021
Article: Information Flows and Democracy - published over 3 years ago.
Content: Henry Farrell and I published a paper on fixing American democracy: “Rechanneling Beliefs: How Information Flows Hinder or Help Democracy.” It’s much easier for democratic stability to break down than most people realize, but this doesn’t mean we must despair over the future. It’s possible, though very difficult, to back away from our current situation towar...
https://www.schneier.com/blog/archives/2021/06/information-flows-and-democracy.html 
🔥🔥
 
Published: 2021 06 09 11:46:32
Received: 2021 06 09 12:06:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:06 Information Flows and Democracy
🔥🔥
Articles recieved 08/06/2021
Article: Vulnerabilities in Weapons Systems - published over 3 years ago.
Content: “If you think any of these systems are going to work as expected in wartime, you’re fooling yourself.” That was Bruce’s response at a conference hosted by US Transportation Command in 2017, after learning that their computerized logistical systems were mostly unclassified and on the Internet. That may be necessary to keep in touch with civilian companies lik...
https://www.schneier.com/blog/archives/2021/06/vulnerabilities-in-weapons-systems.html 
🔥🔥
 
Published: 2021 06 08 10:32:33
Received: 2021 06 08 11:05:22
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
11:05 Vulnerabilities in Weapons Systems
🔥🔥
Articles recieved 07/06/2021
Article: The Supreme Court Narrowed the CFAA - published over 3 years ago.
Content: In a 6-3 ruling, the Supreme Court just narrowed the scope of the Computer Fraud and Abuse Act: In a ruling delivered today, the court sided with Van Buren and overturned his 18-month conviction. In a 37-page opinion written and delivered by Justice Amy Coney Barrett, the court explained that the “exceeds authorized access” language was, indeed, too broad. J...
https://www.schneier.com/blog/archives/2021/06/the-supreme-court-narrowed-the-cfaa.html 
🔥🔥
 
Published: 2021 06 07 11:09:24
Received: 2021 06 07 12:05:11
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
12:05 The Supreme Court Narrowed the CFAA
🔥🔥
Articles recieved 06/06/2021
Article: Friday Squid Blogging: Picking up Squid on the Beach - published over 3 years ago.
Content: Make sure they’re dead. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/05/friday-squid-blogging-picking-up-squid-on-the-beach.html 
🔥🔥
 
Published: 2021 05 21 21:02:31
Received: 2021 06 06 09:05:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: AIs and Fake Comments - published over 3 years ago.
Content: This month, the New York state attorney general issued a report on a scheme by “U.S. Companies and Partisans [to] Hack Democracy.” This wasn’t another attempt by Republicans to make it harder for Black people and urban residents to vote. It was a concerted attack on another core element of US democracy ­– the ability of citizens to express their voice to the...
https://www.schneier.com/blog/archives/2021/05/ais-and-fake-comments.html 
🔥🔥
 
Published: 2021 05 24 11:20:05
Received: 2021 06 06 09:05:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: New Disk Wiping Malware Targets Israel - published over 3 years ago.
Content: Apostle seems to be a new strain of malware that destroys data. In a post published Tuesday, SentinelOne researchers said they assessed with high confidence that based on the code and the servers Apostle reported to, the malware was being used by a newly discovered group with ties to the Iranian government. While a ransomware note the researchers recovered s...
https://www.schneier.com/blog/archives/2021/05/new-disk-wiping-malware-targets-israel.html 
🔥🔥
 
Published: 2021 05 26 14:33:19
Received: 2021 06 06 09:05:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: The Story of the 2011 RSA Hack - published over 3 years ago.
Content: Really good long article about the Chinese hacking of RSA, Inc. They were able to get copies of the seed values to the SecurID authentication token, a harbinger of supply-chain attacks to come.
https://www.schneier.com/blog/archives/2021/05/the-story-of-the-2011-rsa-hack.html 
🔥🔥
 
Published: 2021 05 27 11:41:26
Received: 2021 06 06 09:05:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: The Misaligned Incentives for Cloud Security - published over 3 years ago.
Content: Russia’s Sunburst cyberespionage campaign, discovered late last year, impacted more than 100 large companies and US federal agencies, including the Treasury, Energy, Justice, and Homeland Security departments. A crucial part of the Russians’ success was their ability to move through these organizations by compromising cloud and local network identity systems...
https://www.schneier.com/blog/archives/2021/05/the-misaligned-incentives-for-cloud-security.html 
🔥🔥
 
Published: 2021 05 28 11:20:29
Received: 2021 06 06 09:05:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Friday Squid Blogging: Underwater Cameras for Observing Squid - published over 3 years ago.
Content: Interesting research paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/05/friday-squid-blogging-underwater-cameras-for-observing-squid.html 
🔥🔥
 
Published: 2021 05 28 21:09:28
Received: 2021 06 06 09:05:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Security Vulnerability in Apple’s Silicon “M1” Chip - published over 3 years ago.
Content: The website for the M1racles security vulnerability is an excellent demonstration that not all vulnerabilities are exploitable. Be sure to read the FAQ through to the end. EDITED TO ADD: Wired article.
https://www.schneier.com/blog/archives/2021/06/security-vulnerability-in-apples-silicon-m1-chip.html 
🔥🔥
 
Published: 2021 06 01 11:26:41
Received: 2021 06 06 09:05:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: The DarkSide Ransomware Gang - published over 3 years ago.
Content: The New York Times has a long story on the DarkSide ransomware gang. A glimpse into DarkSide’s secret communications in the months leading up to the Colonial Pipeline attack reveals a criminal operation on the rise, pulling in millions of dollars in ransom payments each month. DarkSide offers what is known as “ransomware as a service,” in which a malware dev...
https://www.schneier.com/blog/archives/2021/06/the-darkside-ransomware-gang.html 
🔥🔥
 
Published: 2021 06 02 14:09:56
Received: 2021 06 06 09:05:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Security and Human Behavior (SHB) 2021 - published over 3 years ago.
Content: Today is the second day of the fourteenth Workshop on Security and Human Behavior. The University of Cambridge is the host, but we’re all on Zoom. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of security, organized each year by Alessandro Acquisti, Ross Anderson, and myself. The forty or so attendees incl...
https://www.schneier.com/blog/archives/2021/06/security-and-human-behavior-shb-2021.html 
🔥🔥
 
Published: 2021 06 04 11:05:21
Received: 2021 06 06 09:05:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
Article: Friday Squid Blogging: Squids in Space - published over 3 years ago.
Content: NASA is sending baby bobtail squid into space. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. ...
https://www.schneier.com/blog/archives/2021/06/friday-squid-blogging-squids-in-space.html 
🔥🔥
 
Published: 2021 06 04 20:43:16
Received: 2021 06 06 09:05:17
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security
09:05 Friday Squid Blogging: Picking up Squid on the Beach
🔥🔥
09:05 AIs and Fake Comments
🔥🔥
09:05 New Disk Wiping Malware Targets Israel
🔥🔥
09:05 The Story of the 2011 RSA Hack
🔥🔥
09:05 The Misaligned Incentives for Cloud Security
🔥🔥
09:05 Friday Squid Blogging: Underwater Cameras for Observing Squid
🔥🔥
09:05 Security Vulnerability in Apple’s Silicon “M1” Chip
🔥🔥
09:05 The DarkSide Ransomware Gang
🔥🔥
09:05 Security and Human Behavior (SHB) 2021
🔥🔥
09:05 Friday Squid Blogging: Squids in Space
🔥🔥
Cyber Tzar Free Score Certificate
Cyber Tzar Free Score Certificate
Cyber Tzar Your Score Explained
Cyber Tzar Your Score Explained
Cyber Tzar Gold Score Certificate
Cyber Tzar Gold Score Certificate
Cyber Tzar Score Analysis
Cyber Tzar Score Analysis
Navigation
Return to Planet "Home"
Ordered/grouped:
Filter applied:
Current page:
Go to "Navigation Help" (page end)
Articles in this collection: 1,246
  • "Home" links back to the front page, effectivly the Planet "Home Page"; shows all articles, with no selections, or groupings.
  • Default date ordering is by "Received Date" (due to not all RSS feeds having a "Published Date").
  • Authors is the most poorly serviced field in the articles we see from cyber security news providers.
  • Only Published Date selections use the articles Published Date (for ordering and grouping).
  • The first page always shows fifty items plus from zero to up to a remaining forty-nine items, before they are commited permently to the next page.
  • All subsequent pages show fifty items.
  • Pagination is in reverse ordering (so that pages are permamenent links, aka "permalinks", to their content).
  • Return to the top of this page "Go Now"

Custom HTML Block

Click to Open Code Editor