Security technology, squid
It is traveling to Paris. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Month: March 2019
backdoors, malware, nsa, Security technology, vulnerabilities
This is an interesting story of a serious vulnerability in a Huawei driver that Microsoft found. The vulnerability is similar in style to the NSA’s DOUBLEPULSAR that was leaked by the Shadow Brokers — believed to be the Russian government — and it’s obvious that this attack copied that technique. What is less clear is … Read More “NSA-Inspired Vulnerability Found in Huawei Laptops” »
hacking, malware, Security technology, supplychain
Kaspersky Labs is reporting on a new supply chain attack they call “Shadowhammer.” In January 2019, we discovered a sophisticated supply chain attack involving the ASUS Live Update Utility. The attack took place between June and November 2018 and according to our telemetry, it affected a large number of users. […] The goal of the … Read More “Malware Installed in Asus Computers through Hacked Update Process” »
incentives, programming, psychologyofsecurity, Security technology, securityengineering
A university study confirmed the obvious: if you pay a random bunch of freelance programmers a small amount of money to write security software, they’re not going to do a very good job at it. In an experiment that involved 43 programmers hired via the Freelancer.com platform, University of Bonn academics have discovered that developers … Read More “Programmers Who Don’t Understand Security Are Poor at Security” »
computersecurity, dataloss, dataprotection, Security technology
A recent experiment found all sorts of personal data left on used laptops and smartphones. This should come as no surprise. Simson Garfinkel performed the same experiment in 2003, with similar results. Powered by WPeMatico
mail, Security technology, theft, usps
Not email, paper mail: Thieves, often at night, use string to lower glue-covered rodent traps or bottles coated with an adhesive down the chute of a sidewalk mailbox. This bait attaches to the envelopes inside, and the fish in this case — mail containing gift cards, money orders or checks, which can be altered with … Read More “Mail Fishing” »
academicpapers, camouflage, Security technology, squid
From the New York Times: Now, a paper published last week in Nature Communications suggests that their chromatophores, previously thought to be mainly pockets of pigment embedded in their skin, are also equipped with tiny reflectors made of proteins. These reflectors aid the squid to produce such a wide array of colors, including iridescent greens … Read More “Friday Squid Blogging: New Research on Squid Camouflage” »
cryptanalysis, cryptography, encryption, gchq, historyofcryptography, Security technology
GCHQ has put simulators for the Enigma, Typex, and Bombe on the Internet. News article. Powered by WPeMatico
edwardsnowden, historyofsecurity, nsa, Security technology
The Daily Beast is reporting that First Look Media — home of The Intercept and Glenn Greenwald — is shutting down access to the Snowden archives. The Intercept was the home for Greenwald’s subset of Snowden’s NSA documents since 2014, after he parted ways with the Guardian the year before. I don’t know the details … Read More “First Look Media Shutting Down Access to Snowden NSA Archives” »
cars, internetofthings, Security technology
This isn’t a security story, but it easily could have been. Last Saturday, Zipcar had a system outage: “an outage experienced by a third party telecommunications vendor disrupted connections between the company’s vehicles and its reservation software.” That didn’t just mean people couldn’t get cars they reserved. Sometimes is meant they couldn’t get the cars … Read More “Zipcar Disruption” »