Sign In

Communications of the ACM

Blogroll



Backdoor Found in Codecov Bash Uploader
From Schneier on Security

Backdoor Found in Codecov Bash Uploader

Developers have discovered a backdoor in the Codecov bash uploader. It’s been there for four months. We don’t know who put it there. Codecov said the breach allowed...

Biden Administration Imposes Sanctions on Russia for SolarWinds
From Schneier on Security

Biden Administration Imposes Sanctions on Russia for SolarWinds

On April 15, the Biden administration both formally attributed the SolarWinds espionage campaign to the Russian Foreign Intelligence Service (SVR), and imposedNew...

Details on the Unlocking of the San Bernardino Terrorist’s iPhone
From Schneier on Security

Details on the Unlocking of the San Bernardino Terrorist’s iPhone

The Washington Post has published a long story on the unlocking of the San Bernardino Terrorist’s iPhone 5C in 2016. We all thought it was an Israeli company called...

NSA Discloses Vulnerabilities in Microsoft Exchange
From Schneier on Security

NSA Discloses Vulnerabilities in Microsoft Exchange

Amongst the 100+ vulnerabilities patch in this month’s Patch Tuesday, there are four in Microsoft Exchange that were disclosed by the NSA.

DNI’s Annual Threat Assessment
From Schneier on Security

DNI’s Annual Threat Assessment

The office of the Director of National Intelligence released its “Annual Threat Assessment of the U.S. Intelligence Community.” Cybersecurity is covered on pages...

The FBI Is Now Securing Networks Without Their Owners’ Permission
From Schneier on Security

The FBI Is Now Securing Networks Without Their Owners’ Permission

In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the...

Cybersecurity Experts to Follow on Twitter
From Schneier on Security

Cybersecurity Experts to Follow on Twitter

Security Boulevard recently listed the “Top-21 Cybersecurity Experts You Must Follow on Twitter in 2021.” I came in at #7. I thought that was pretty good, especially...

More Biden Cybersecurity Nominations
From Schneier on Security

More Biden Cybersecurity Nominations

News: President Biden announced key cybersecurity leadership nominations Monday, proposing Jen Easterly as the next head of the Cybersecurity and Infrastructure...

Friday Squid Blogging: Blobs of Squid Eggs Found Near Norway
From Schneier on Security

Friday Squid Blogging: Blobs of Squid Eggs Found Near Norway

Divers find three-foot “blobs” — egg sacs of the squid Illex coindetii — off the coast of Norway. As usual, you can also use this squid post to talk about the security...

Friday Squid Blogging: Jurassic Squid and Prey
From Schneier on Security

Friday Squid Blogging: Jurassic Squid and Prey

A 180-million-year-old Vampire squid ancestor was fossilized along with its prey. As usual, you can also use this squid post to talk about the security storieshere...

Backdoor Added — But Found — in PHP
From Schneier on Security

Backdoor Added — But Found — in PHP

Unknown hackers attempted to add a backdoor to the PHP source code. It was two malicious commits, with the subject “fix typo” and the names of known PHP developers...

WTF: Signal Adds Cryptocurrency Support
From Schneier on Security

WTF: Signal Adds Cryptocurrency Support

According to Wired, Signal is adding support for the cryptocurrency MobileCoin, “a form of digital cash designed to work efficiently on mobile devices while protecting...

Google’s Project Zero Finds a Nation-State Zero-Day Operation
From Schneier on Security

Google’s Project Zero Finds a Nation-State Zero-Day Operation

Google’s Project Zero discovered, and caused to be patched, eleven zero-day exploits against Chrome, Safari, Microsoft Windows, and iOS. This seems to have been...

Phone Cloning Scam
From Schneier on Security

Phone Cloning Scam

A newspaper in Malaysia is reporting on a cell phone cloning scam. The scammer convinces the victim to lend them their cell phone, and the scammer quickly clones...

Wi-Fi Devices as Physical Object Sensors
From Schneier on Security

Wi-Fi Devices as Physical Object Sensors

The new 802.11bf standard will turn Wi-Fi devices into object sensors: In three years or so, the Wi-Fi specification is scheduled to get an upgrade that will turn...

Friday Squid Blogging: 500-Million-Year-Old Cephalopod
From Schneier on Security

Friday Squid Blogging: 500-Million-Year-Old Cephalopod

The oldest known cephalopod — the ancestor of all modern octopuses, squid, cuttlefish and nautiluses — is 500 million years old. As usual, you can also use this...

Malware Hidden in Call of Duty Cheating Software
From Schneier on Security

Malware Hidden in Call of Duty Cheating Software

News article: Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack...

Fugitive Identified on YouTube By His Distinctive Tattoos
From Schneier on Security

Fugitive Identified on YouTube By His Distinctive Tattoos

A mafia fugitive hiding out in the Dominican Republic was arrested when investigators found his YouTube cooking channel and identified him by his distinctive arm...

System Update: New Android Malware
From Schneier on Security

System Update: New Android Malware

Researchers have discovered a new Android app called “System Update” that is a sophisticated Remote-Access Trojan (RAT). From a news article: The broad range of...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account