Informations about SSL certificates and networks security
This is rare: An about 3-meter-long giant squid was found stranded on a beach here on April 20, in what local authorities said was a rare occurrence. At around 10 a.m., a nearby resident spotted the squid at Ugu beach in Obama, Fukui Prefecture, on the Sea of Japan coast. According to the Obama Municipal … Read More “Friday Squid Blogging: Ten-Foot Long Squid Washed onto Japanese Shore — ALIVE” »
New research: “Are You Really Muted?: A Privacy Analysis of Mute Buttons in Video Conferencing Apps“: Abstract: In the post-pandemic era, video conferencing apps (VCAs) have converted previously private spaces — bedrooms, living rooms, and kitchens — into semi-public extensions of the office. And for the most part, users have accepted these apps in their … Read More “Video Conferencing Apps Sometimes Ignore the Mute Button” »
Microsoft has a comprehensive report on the dozens of cyberattacks — and even more espionage operations — Russia has conducted against Ukraine as part of this war: At least six Russian Advanced Persistent Threat (APT) actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country … Read More “Microsoft Issues Report of Russian Cyberattacks against Ukraine” »
Both Google and Mandiant are reporting a significant increase in the number of zero-day vulnerabilities reported in 2021. Google: 2021 included the detection and disclosure of 58 in-the-wild 0-days, the most ever recorded since Project Zero began tracking in mid-2014. That’s more than double the previous maximum of 28 detected in 2015 and especially stark … Read More “Zero-Day Vulnerabilities Are on the Rise” »
SMS phishing attacks — annoyingly called “smishing” — are becoming more common. I know that I have been receiving a lot of phishing SMS messages over the past few months. I am not getting the “Fedex package delivered” messages the article talks about. Mine are usually of the form: “Thank you for paying your bill, … Read More “SMS Phishing Attacks are on the Rise” »
Interesting: Drawing inspiration from cephalopod skin, engineers at the University of California, Irvine invented an adaptive composite material that can insulate beverage cups, restaurant to-go bags, parcel boxes and even shipping containers. […] “The metal islands in our composite material are next to one another when the material is relaxed and become separated when the … Read More “Friday Squid Blogging: Squid Skin–Inspired Insulating Material” »
Interesting implementation mistake: The vulnerability, which Oracle patched on Tuesday, affects the company’s implementation of the Elliptic Curve Digital Signature Algorithm in Java versions 15 and above. ECDSA is an algorithm that uses the principles of elliptic curve cryptography to authenticate messages digitally. […] ECDSA signatures rely on a pseudo-random number, typically notated as K, … Read More “Java Cryptography Implementation Mistake Allows Digital-Signature Forgeries” »
Ronan Farrow has a long article in The New Yorker on NSO Group, which includes the news that someone — probably Spain — used the software to spy on domestic Catalonian sepratists. Powered by WPeMatico
Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportiona votes based on the amount of currency they own. A clever hacker used a “flash loan” feature of another decentralized finance project to borrow enough of the currency to give himself a controlling stake, and then approved … Read More “Clever Cryptocurrency Theft” »
New paper: “Planting Undetectable Backdoors in Machine Learning Models: Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier … Read More “Undetectable Backdoors in Machine-Learning Models” »