Communications of the ACM

News

NIST Post-Quantum Cryptography Candidate Cracked

It took researchers in Belgium just an hour to crack the SIKE cryptographic algorithm.

From ACM News David Geer
Commissioned by CACM Staff | January 24, 2023

An edited collection of advanced computing news from Communications of the ACM, ACM TechNews, other ACM resources, and news sites around the Web.

From ACM TechNews

Some Top 100,000 Websites Collect Everything You Type--Before You Hit Submit

Researchers analyzed the top 100,000 websites and found a significant number record some or all of visitors' typewritten data. Ars Technica
From ACM TechNews | May 16, 2022

From ACM TechNews

Apple, Google, Microsoft Want to Kill the Password with 'Passkey' Standard

Apple, Google, and Microsoft are launching a "joint effort" to "expand support for a common password-less sign-in standard created by the FIDO Alliance and the... Ars Technica
From ACM TechNews | May 9, 2022

From ACM TechNews

Gear from Netgear, Linksys, 200 Others Has Unpatched DNS Poisoning Flaw

Researchers at security firm Nozomi Networks identified an unpatched vulnerability in third-party code libraries used by 200 hardware and software vendors. Ars Technica
From ACM TechNews | May 6, 2022

From ACM TechNews

Your iOS App May Still Be Covertly Tracking You, Despite What Apple Says

Researchers at the U.K.’s University of Oxford found that iOS apps can still track users without explicit permission. Ars Technica
From ACM TechNews | April 25, 2022

From ACM TechNews

Apple Rushes Out Patches for Zero-Days Threatening iOS, macOS Users

Apple recently released patches for two critical zero-day vulnerabilities discovered by an anonymous researcher that affect the operating systems of iPhones, iPads... Ars Technica
From ACM TechNews | April 7, 2022

From ACM TechNews

Researchers Use Decommissioned Satellite to Broadcast Hacker TV

Researchers in the Shadytel telecommunications and embedded device hacking group used a decommissioned Canadian satellite to broadcast a livestream to the Northern... Ars Technica
From ACM TechNews | April 6, 2022

From ACM TechNews

Data-Harvesting Code in Mobile Apps Sends User Data to 'Russia's Google'

A researcher found that Yandex, known as "Russia's Google," embedded code in apps for mobile devices that allows data to be sent to servers in Russia. Ars Technica
From ACM TechNews | April 4, 2022

From ACM TechNews

Behold, a Password Phishing Site that Can Trick Even Savvy Users

A proof-of-concept "browser in the browser" exploit could phish passwords using a malicious site that does not contain suspicious domains or substitute letters.... Ars Technica
From ACM TechNews | March 29, 2022

From ACM TechNews

New Attack Amplifies DDoSes by 4 Billion-Fold

New technique also stretches out distributed denial of service durations to 14 hours. Ars Technica
From ACM TechNews | March 17, 2022

From ACM TechNews

Bug Lurking for 12 Years Gives Attackers Root on Most Major Linux Distros

Polkit, a system-wide privilege manager for Unix-like operating systems, contains a 12-year-old memory-corruption vulnerability. Ars Technica
From ACM TechNews | January 31, 2022

From ACM TechNews

Booby-Trapped Sites Delivered Potent Backdoor Trojan to macOS Users

Security researchers have uncovered macOS malware that can be installed by exploits almost impossible for most users to detect. Ars Technica
From ACM TechNews | January 28, 2022