A ransomware gang, annoyed at not being paid, filed an SEC complaint against its victim for not disclosing its security breach within the required four days. This is over the top, but is just another example of the extreme pressure…
Category: Schneier on Security
FTC’s Voice Cloning Challenge
The Federal Trade Commission is running a competition “to foster breakthrough ideas on preventing, monitoring, and evaluating malicious voice cloning.” This article has been indexed from Schneier on Security Read the original article: FTC’s Voice Cloning Challenge
Leaving Authentication Credentials in Public Code
Seth Godin wrote an article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code: Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of…
New SSH Vulnerability
This is interesting: For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is…
Friday Squid Blogging: The History and Morality of US Squid Consumption
Really interesting article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. This article has been indexed from Schneier on Security…
The Privacy Disaster of Modern Smart Cars
Article based on a Mozilla report. This article has been indexed from Schneier on Security Read the original article: The Privacy Disaster of Modern Smart Cars
Online Retail Hack
Selling miniature replicas to unsuspecting shoppers: Online marketplaces sell tiny pink cowboy hats. They also sell miniature pencil sharpeners, palm-size kitchen utensils, scaled-down books and camping chairs so small they evoke the Stonehenge scene in “This Is Spinal Tap.” Many…
Decoupling for Security
This is an excerpt from a longer paper. You can read the whole thing (complete with sidebars and illustrations) here. Our message is simple: it is possible to get the best of both worlds. We can and should get the…
Spaf on the Morris Worm
Gene Spafford wrote an essay reflecting on the Morris Worm of 1988—35 years ago. His lessons from then are still applicable today. This article has been indexed from Schneier on Security Read the original article: Spaf on the Morris Worm
Crashing iPhones with a Flipper Zero
The Flipper Zero is an incredibly versatile hacking device. Now it can be used to <a href=”https://arstechnica.com/security/2023/11/flipper-zero-gadget-that-doses-iphones-takes-once-esoteric-attacks-mainstream/”crash iPhones in its vicinity by sending it a never-ending stream of pop-ups. These types of hacks have been possible for decades, but they…