Hiding Malware in ML Models

Interesting research: “EvilModel: Hiding Malware Inside of Neural Network Models”.
Abstract: Delivering malware covertly and detection-evadingly is critical to ad... schneier.com/blog/archives/202

Disrupting Ransomware by Disrupting Bitcoin

Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. Now, it’s become the criminal business model of the internet for... schneier.com/blog/archives/202

Friday Squid Blogging: The Evolution of Squid

Good video about the evolutionary history of squid.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my b... schneier.com/blog/archives/202

Commercial Location Data Used to Out Priest

A Catholic priest was outed through commercially available surveillance data. Vice has a good analysis:
The news starkly demonstr... schneier.com/blog/archives/202

-anonymization

NSO Group Hacked

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked. Or, at least, an enormo... schneier.com/blog/archives/202

Candiru: Another Cyberweapons Arms Manufacturer

Citizen Lab has identified yet another Israeli company that sells spyware to governments around the world: Candiru.
From the report</... schneier.com/blog/archives/202

Friday Squid Blogging: Giant Squid Model

Pretty wooden model.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting gu... schneier.com/blog/archives/202

REvil is Off-Line

This is an interesting development:
Just days after President Biden demanded that President Vladimir V. Putin of Russia shut down ... schneier.com/blog/archives/202

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak:

I’m speaking at Norbert Wiener in the 21st Century, a virtual conference ... schneier.com/blog/archives/202

Iranian State-Sponsored Hacking Attempts

Interesting attack:
Masquerading as UK scholars with the University of London’s School of Oriental and African St... schneier.com/blog/archives/202

Friday Squid Blogging: Squid-Related Game

It’s called “Squid Fishering.”
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog ... schneier.com/blog/archives/202

Vulnerability in the Kaspersky Password Manager

A vulnerability (just patched) in the random number generator used in the Kaspersky Password Manager resulted in easily guessable passwords:
The password genera... schneier.com/blog/archives/202

Stealing Xbox Codes

Detailed story of Volodymyr Kvashuk, a Microsoft insider who noticed a bug in the company’s internal systems that allowed him to create unlimited Xbox gift... schneier.com/blog/archives/202

Friday Squid Blogging: Best Squid-Related Headline

From the New York Times: “When an Eel Climbs a Ramp to Eat Squid From a Clamp, That’s a Moray.” The article is about the eel; the squid is j... schneier.com/blog/archives/202

More Russian Hacking

Two reports this week. The first is from Microsoft, which wrote:
As part of our investigation into this ongoing activity, we also detected informati... schneier.com/blog/archives/202

Show older
burn.capital mastodon

Toots for friends