Computer Security Tip of the Day
August 3rd
Ever wonder just how much information is publicly available about you? Ever wonder how cyber criminals harvest information and customize attacks for their victims? The technique is called Open Source Intelligence (OSINT) and it is far simpler and more pow…
Bruce Schneier on Security
August 3rd
Forbes has the story: Paragon’s product will also likely get spyware critics and surveillance experts alike rubbernecking: It claims to give police the power to remotely break into encrypted instant messaging communications, whether that’s Wha…
August 2nd
Of course this is hackable: A sophisticated telecommunications satellite that can be completely repurposed while in space has launched. […] Because the satellite can be reprogrammed in orbit, it can respond to changing demands during its lifetime.…
July 31st
Often it feels like squid just evolved better than us mammals. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
July 31st
The time has come for me to find a new home for my (paper) cryptography library. It’s about 150 linear feet of books, conference proceedings, journals, and monographs — mostly from the 1980s, 1990s, and 2000s. My preference is that it goes to …
July 30th
New paper: “Encrypted Cloud Photo Storage Using Google Photos“: Abstract: Cloud photo services are widely used for persistent, convenient, and often free photo storage, which is especially useful for mobile devices. As users store more and mor…
Dark Reading Security News
July 20th
Limit risk by dividing responsibility for infrastructure, tools, and security.
July 6th
The cybersecurity professionals guarding the Summer Olympics are facing at least as much competition as the athletes, and their failure could have steeper ramifications.
July 2nd
Fancy Bear nation-state hacking team add a modern twist on old-school hacking method by using a cluster of Kubernetes software containers to expedite credential theft.
June 26th
Strengthening their security posture should be at the top of school IT departments' summer to-do list.
June 26th
Challenging common beliefs about best practices in password hygiene.
New Security Threats
August 4th
Fake aerobics-instructor profile delivers malware in a supply-chain attack attempt from TA456.
August 4th
The second quarter of the year saw the highest volumes of ransomware attacks ever, with Ryuk leading the way.
August 4th
An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware.
August 4th
Cyberespionage campaigns linked to China attacked telecoms via ProxyLogon bugs, stealing call records and maintaining persistence, as far back as 2017.
August 3rd
Podcast: Blood samples aren’t martinis. You can’t shake them. But bugs in pneumatic control systems could lead to that, RCE or ransomware.