Security technology, squid, Uncategorized
The teaser for Squid Game Season Two dropped. Blog moderation policy. Powered by WPeMatico
Month: September 2024
captchas, malware, Security technology, social engineering, Uncategorized
This is really interesting. It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually runs a script that is copied to the command line. Clever. Powered by WPeMatico
botnets, china, hacking, Security technology, Uncategorized
The FBI has shut down a botnet run by Chinese hackers: The botnet malware infected a number of different types of internet-connected devices around the world, including home routers, cameras, digital video recorders, and NAS drives. Those devices were used to help infiltrate sensitive networks related to universities, government agencies, telecommunications providers, and media organizations…. … Read More “FBI Shuts Down Chinese Botnet” »
bombs, Hezbollah, Security technology, terrorism, Uncategorized
Wow. It seems they all exploded simultaneously, which means they were triggered. Were they each tampered with physically, or did someone figure out how to trigger a thermal runaway remotely? Supply chain attack? Malicious code update, or natural vulnerability? I have no idea, but I expect we will all learn over the next few days. … Read More “Remotely Exploding Pagers” »
cybersecurity, malware, North Korea, Security technology, social engineering, threat models, Uncategorized
Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. From a news article These particular attacks from North Korean state-funded hacking team Lazarus Group are new, but the overall malware campaign against the Python development community has been running since at least August of 2023, … Read More “Python Developers Targeted with Malware During Fake Job Interviews” »
Internet of Things, patching, Security technology, Uncategorized
CISA wants everyone—and government agencies in particular—to remove or upgrade an Ivanti Cloud Service Appliance (CSA) that is no longer being supported. Welcome to the security nightmare that is the Internet of Things. Powered by WPeMatico
Security technology, squid, Uncategorized
This is an odd story of serving squid during legislative negotiations in the Philippines. Powered by WPeMatico
artificial intelligence, democracy, Schneier news, Security technology, TED, Uncategorized, video
Over the summer, I gave a talk about AI and democracy at TedXBillings. The recording is Powered by WPeMatico
cryptography, microsoft, quantum computing, Security technology, Uncategorized
Microsoft is updating SymCrypt, its core cryptographic library, with new quantum-secure algorithms. Microsoft’s details are here. From a news article: The first new algorithm Microsoft added to SymCrypt is called ML-KEM. Previously known as CRYSTALS-Kyber, ML-KEM is one of three post-quantum standards formalized last month by the National Institute of Standards and Technology (NIST). The … Read More “Microsoft Is Adding New Cryptography Algorithms” »
academic papers, artificial intelligence, Security technology, Uncategorized
New research evaluating the effectiveness of reward modeling during Reinforcement Learning from Human Feedback (RLHF): “SEAL: Systematic Error Analysis for Value ALignment.” The paper introduces quantitative metrics for evaluating the effectiveness of modeling and aligning human values: Abstract: Reinforcement Learning from Human Feedback (RLHF) aims to align language models (LMs) with human values by training … Read More “Evaluating the Effectiveness of Reward Modeling of Generative AI Systems” »