Friday Squid Blogging: Squid Bites Diver
I agree; the diver deserved it.
As usual, you can also use this squid post to talk about the security stories in the news that ... https://www.schneier.com/blog/archives/2022/05/friday-squid-blogging-squid-bites-diver.html
Malware-Infested Smart Card Reader
Brian Krebs has an interesting story of a smart ID card reader with a malware-infested Windows driver, and US government employees who inadvertent... https://www.schneier.com/blog/archives/2022/05/malware-infested-smart-card-reader.html
Manipulating Machine-Learning Systems through the Order of the Training Data
Yet another adversarial ML attack:
Most deep neural networks are trained by stochastic gradient descent. Now “stochastic” is a fancy Greek word f... https://www.schneier.com/blog/archives/2022/05/manipulating-machine-learning-systems-through-the-order-of-the-training-data.html
The Justice Department Will No Longer Charge Security Researchers with Criminal Hacking
Following a recent Supreme Court ruling, the Justice Department will <a href="https://www.justice.gov/opa/pr/department-justice-announ... https://www.schneier.com/blog/archives/2022/05/the-justice-department-will-no-longer-charge-security-researchers-with-criminal-hacking.html
Forging Australian Driver’s Licenses
The New South Wales digital driver’s license has multiple implementation flaws that allow for easy forgeries.
This file is encrypted using AES-256-CBC ... https://www.schneier.com/blog/archives/2022/05/forging-australian-drivers.html
Friday Squid Blogging: Squid Street Art
Pretty.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines <a... https://www.schneier.com/blog/archives/2022/05/friday-squid-blogging-squid-street-art.html
The Onion on Google Map Surveillance
“Google Maps Adds Shortcuts through Houses of People Google Knows Aren’t Home Right Now.”
Excellent satire.... https://www.schneier.com/blog/archives/2022/05/the-onion-on-google-map-surveillance.html
Bluetooth Flaw Allows Remote Unlocking of Digital Locks
Locks that use Bluetooth Low Energy to authenticate keys are vulnerable to remote unlocking. The research focused on Teslas, but... https://www.schneier.com/blog/archives/2022/05/bluetooth-flaw-allows-remote-unlocking-of-digital-locks.html
Websites that Collect Your Data as You Type
A surprising number of websites include JavaScript keyloggers that collect everything you type as you type it, not just when you submit a form.
<blockquo... https://www.schneier.com/blog/archives/2022/05/websites-that-collect-your-data-as-you-type.html
#academicpapers #datacollection #Uncategorized #keylogging #privacy
iPhone Malware that Operates Even When the Phone Is Turned Off
Researchers have demonstrated iPhone malware that works even when the phone is fully shut down.
<b... https://www.schneier.com/blog/archives/2022/05/iphone-malware-that-operates-even-when-the-phone-is-turned-off.html
Attacks on Managed Service Providers Expected to Increase
CISA, NSA, FBI, and similar organizations in the other Five Eyes countries are warning that attacks on MSPs — as a vector to ... https://www.schneier.com/blog/archives/2022/05/attacks-on-managed-service-providers-expected-to-increase.html
#advancedpersistentthreats #nationalsecuritypolicy #infrastructure
The NSA Says that There are No Known Flaws in NIST’s Quantum-Resistant Algorithms
Rob Joyce, the director of cybersecurity at the NSA, said so in an interview:
The NSA already has classif... https://www.schneier.com/blog/archives/2022/05/the-nsa-says-that-there-are-no-known-flaws-in-nists-quantum-resistant-algorithms.html
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak:
I’m speaking on “Securing a World of Physically Capable Computers” at OWASP Belgium’s chapter meeting in Antwerp, B... https://www.schneier.com/blog/archives/2022/05/upcoming-speaking-engagements-19.html
Friday Squid Blogging: Squidmobile
The Squidmobile.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my b... https://www.schneier.com/blog/archives/2022/05/friday-squid-blogging-squidmobile.html
Surveillance by Driverless Car
San Francisco police are using autonomous vehicles as mobile surveillance cameras.
Privacy advoca... https://www.schneier.com/blog/archives/2022/05/surveillance-by-driverless-car.html
ICE Is a Domestic Surveillance Agency
Georgetown has a new report on the highly secretive bulk surveillance activities of ICE in the US:
When you think about government surveillance in the United States, you likely think of... https://www.schneier.com/blog/archives/2022/05/ice-is-a-domestic-surveillance-agency.html
#nationalsecuritypolicy #Uncategorized #surveillance #privacy #reports #secrecy
Apple Mail Now Blocks Email Trackers
Apple Mail now blocks email trackers by default.
Most email newsletters you get include an invisible “image,” typically ... https://www.schneier.com/blog/archives/2022/05/apple-mail-now-blocks-email-trackers.html
Friday Squid Blogging: Squid Filmed Changing Color for Camouflage Purposes
Video of oval squid (Sepioteuthis lessoniana) changing color in reaction to their background. The <a href... https://www.schneier.com/blog/archives/2022/05/friday-squid-blogging-squid-filmed-changing-color-for-camouflage-purposes.html
Corporate Involvement in International Cybersecurity Treaties
The Paris Call for Trust and Stability in Cyberspace is an initiative launched by French President Emmanuel Macron during the 2018 UNESCO’s Internet Governance Forum. It’s an attempt by the world’s governments to come together and create a s... https://www.schneier.com/blog/archives/2022/05/corporate-involvement-in-international-cybersecurity-treaties.html
15.3 Million Request-Per-Second DDoS Attack
Cloudflare is reporting a large DDoS attack against an unnamed company “operating a crypto launchpad.”
While this isn’t the <a href="https://blog.c... https://www.schneier.com/blog/archives/2022/05/15-3-million-request-per-second-ddos-attack.html
#denialofservice #cryptocurrency #Uncategorized #cyberattack
Automated toots from the Schneier on Security RSS feed. This account is not affiliated with Bruce Schneier.