Wired has an excellent article on China’s APT10 hacking group. Specifically, on how they hacked managed service providers in order to get to their customers’ networks. I am reminded of the NSA’s “I Hunt Sysadmins” presentation, published by the Intercept. Powered by WPeMatico
Month: December 2018
This is almost over: From 1 December 2018 — 6 January 2019, Days of Adriatic squid will take place at restaurants all over north-west Istria. Restaurants will be offering affordable full-course menus based on Adriatic squid, combined with quality local olive oil and fine wines. As usual, you can also use this squid post to … Read More “Friday Squid Blogging: Squid-Focused Menus in Croatia” »
Click Here to Kill Everybody is finally available on Audible.com. I have ten download codes. Not having anything better to do with them, here they are: HADQSSFC98WCQ LDLMC6AJLBDJY YWSY8CXYMQNJ6 JWM7SGNUXX7DB UPKAJ6MHB2LEF M85YN36UR926H 9ULE4NFAH2SLF GU7A79GSDCXAT 9K8Q4RX6DKL84 M92GB246XY7JN Congratulations to the first ten people to try to use them. Powered by WPeMatico
This is a really interesting story of an ad fraud scheme that relied on hijacking the Border Gateway Protocol: Members of 3ve (pronounced “eve”) used their large reservoir of trusted IP addresses to conceal a fraud that otherwise would have been easy for advertisers to detect. The scheme employed a thousand servers hosted inside data … Read More “Massive Ad Fraud Scheme Relied on BGP Hijacking” »
The New York Times is reporting on the security measures people are using to protect nativity displays. Powered by WPeMatico
Good essay: “Advancing Human-Rights-By-Design In The Dual-Use Technology Industry,” by Jonathon Penney, Sarah McKune, Lex Gill, and Ronald J. Deibert: But businesses can do far more than these basic measures. They could adopt a “human-rights-by-design” principle whereby they commit to designing tools, technologies, and services to respect human rights by default, rather than permit abuse … Read More “Human Rights by Design” »
Stealing packages from unattended porches is a rapidly rising crime, as more of us order more things by mail. One person hid a glitter bomb and a video recorder in a package, posting the results when thieves opened the box. At least, that’s what might have happened. At least some of the video was faked, … Read More “Glitter Bomb against Package Thieves” »
Last week, the Scientific Working Group on Digital Evidence published a draft document — “SWGDE Position on the Use of MD5 and SHA1 Hash Algorithms in Digital and Multimedia Forensics” — where it accepts the use of MD5 and SHA-1 in digital forensics applications: While SWGDE promotes the adoption of SHA2 and SHA3 by vendors … Read More “MD5 and SHA-1 Still Used in 2018” »
North Korea is engaged in even more illegal squid fishing than previously. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Someone is flying a drone over Gatwick Airport in order to disrupt service: Chris Woodroofe, Gatwick’s chief operating officer, said on Thursday afternoon there had been another drone sighting which meant it was impossible to say when the airport would reopen. He told BBC News: “There are 110,000 passengers due to fly today, and the … Read More “Drone Denial-of-Service Attack against Gatwick Airport” »