Sign In

Communications of the ACM

Blogroll



On Chinese-Owned Technology Platforms
From Schneier on Security

On Chinese-Owned Technology Platforms

I am a co-author on a report published by the Hoover Institution: “Chinese Technology Platforms Operating in the United States.” From a blog post: The report suggests...

Twelve-Year-Old Vulnerability Found in Windows Defender
From Schneier on Security

Twelve-Year-Old Vulnerability Found in Windows Defender

Researchers found, and Microsoft has patched, a vulnerability in Windows Defender that has been around for twelve years. There is no evidence that anyone has used...

Dependency Confusion: Another Supply-Chain Vulnerability
From Schneier on Security

Dependency Confusion: Another Supply-Chain Vulnerability

Alex Birsan writes about being able to install malware into proprietary corporate software by naming the code files to be identical to internal corporate code files...

GPS Vulnerabilities
From Schneier on Security

GPS Vulnerabilities

Really good op-ed in the New York Times about how vulnerable the GPS system is to interference, spoofing, and jamming — and potential alternatives. The 2018 National...

Router Security
From Schneier on Security

Router Security

This report is six months old, and I don’t know anything about the organization that produced it, but it has some alarming data about router security. Conclusion...

US Cyber Command Valentine’s Day Cryptography Puzzles
From Schneier on Security

US Cyber Command Valentine’s Day Cryptography Puzzles

The US Cyber Command has released a series of ten Valentine’s Day “Cryptography Challenge Puzzles.” Slashdot thread. Reddit thread. (And here’s the archived link...

Chinese Supply-Chain Attack on Computer Systems
From Schneier on Security

Chinese Supply-Chain Attack on Computer Systems

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008....

Browser Tracking Using Favicons
From Schneier on Security

Browser Tracking Using Favicons

Interesting research on persistent web tracking using favicons. (For those who don’t know, favicons are those tiny icons that appear in browser tabs next to the...

Virginia Data Privacy Law
From Schneier on Security

Virginia Data Privacy Law

Virginia is about to get a data privacy law, modeled on California’s law.

WEIS 2021 Call for Papers
From Schneier on Security

WEIS 2021 Call for Papers

The 20th Annual Workshop on the Economics of Information Security (WEIS 2021) will be held online in June. We just published the call for papers.

Malicious Barcode Scanner App
From Schneier on Security

Malicious Barcode Scanner App

Interesting story about a barcode scanner app that has been pushing malware on to Android phones. The app is called Barcode Scanner. It’s been around since 2017...

Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed
From Schneier on Security

Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed

Vice is reporting on a new police hack: playing copyrighted music when being filmed by citizens, trying to provoke social media sites into taking the videos down...

On Vulnerability-Adjacent Vulnerabilities
From Schneier on Security

On Vulnerability-Adjacent Vulnerabilities

At the virtual Engima Conference, Google’s Project Zero’s Maggie Stone gave a talk about zero-day exploits in the wild. In it, she talked about how often vendors...

Medieval Security Techniques
From Schneier on Security

Medieval Security Techniques

Sonja Drummer describes (with photographs) two medieval security techniques. The first is a for authentication: a document has been cut in half with an irregular...

Attack against Florida Water Treatment Facility
From Schneier on Security

Attack against Florida Water Treatment Facility

A water treatment plant in Oldsmar, Florida, was attacked last Friday. The attacker took control of one of the systems, and increased the amount of sodium hydroxide...

Friday Squid Blogging: Live Giant Squid Found in Japan
From Schneier on Security

Friday Squid Blogging: Live Giant Squid Found in Japan

A giant squid was found alive in the port of Izumo, Japan. Not a lot of news, just this Twitter thread (with a couple of videos). If confirmed, I believe this will...

Friday Squid Blogging: Amazing Video of a Black-Eyed Squid Trying to Eat an Owlfish
From Schneier on Security

Friday Squid Blogging: Amazing Video of a Black-Eyed Squid Trying to Eat an Owlfish

From the Monterey Bay Aquarium. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting...

Friday Squid Blogging: Flying Squid
From Schneier on Security

Friday Squid Blogging: Flying Squid

How squid fly. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...

Ransomware Profitability
From Schneier on Security

Ransomware Profitability

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019. Based on the...

SonicWall Zero-Day
From Schneier on Security

SonicWall Zero-Day

Hackers are exploiting zero-day in SonicWall: In an email, an NCC Group spokeswoman wrote: “Our team has observed signs of an attempted exploitation of a vulnerabilitythat...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account