games, hacking, Security technology, Uncategorized
Black Hat is a hacker-themed board game. Powered by WPeMatico
Author: infossl
encryption, history of cryptography, Security technology, Uncategorized
Jon D. Paul has written the fascinating story of the HX-63, a super-complicated electromechanical rotor cipher machine made by Crypto AG. Powered by WPeMatico
apple, Citizen Lab, cyberweapons, exploits, iphone, malware, Security technology, Uncategorized
Citizen Lab is reporting on two zero-click iMessage exploits, in spyware sold by the cyberweapons arms manufacturer NSO Group to the Bahraini government. These are particularly scary exploits, since they don’t require to victim to do anything, like click on a link or open a file. The victim receives a text message, and then they … Read More “Zero-Click iPhone Exploits” »
cryptanalysis, cryptography, foia, history of cryptography, military, nsa, Security technology, Uncategorized
Late last year, the NSA declassified and released a redacted version of Lambros D. Callimahos’s Military Cryptanalytics, Part III. We just got most of the index. It’s hard to believe that there are any real secrets left in this 44-year-old volume. Powered by WPeMatico
breaches, cybersecurity, data breaches, reports, Security technology, Uncategorized
Robert Chesney wrote up the Solar Winds story as a case study, and it’s a really good summary. Powered by WPeMatico
Security technology, squid, Uncategorized
It’s pretty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
breaches, cell phones, data breaches, hacking, Security technology, T-Mobile, Uncategorized
Seems that 47 million customers were affected. Surprising no one, T-Mobile had awful security. I’ve lost count of how many times T-Mobile has been hacked. Powered by WPeMatico
privilege escalation, Security technology, Uncategorized, vulnerabilities, windows, zero-day
If you plug a Razer peripheral (mouse or keyboard, I think) into a Windows 10 or 11 machine, you can use a vulnerability in the Razer Synapse software — which automatically downloads — to gain SYSTEM privileges. It should be noted that this is a local privilege escalation (LPE) vulnerability, which means that you need … Read More “Interesting Privilege Escalation Vulnerability” »
cybersecurity, forensics, internet, privacy, Security technology, surveillance, tracking, traffic analysis, Uncategorized
Vice has an article about how data brokers sell access to the Internet backbone. This is netflow data. It’s useful for cybersecurity forensics, but can also be used for things like tracing VPN activity. At a high level, netflow data creates a picture of traffic flow and volume across a network. It can show which … Read More “Surveillance of the Internet Backbone” »
Security technology, squid, Uncategorized
Interesting National Geographic article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico