ransomware, Security technology
Brian Krebs posts a video advertisement for Philadelphia, a ransomware package that you can purchase. Powered by WPeMatico
Category: Security technology
Auto Added by WPeMatico
cia, cryptography, encryption, hacking, malware, Security technology, tradecraft
Useful best practices for malware writers, courtesy of the CIA. Seems like a lot of good advice. General: DO obfuscate or encrypt all strings and configuration data that directly relate to tool functionality. Consideration should be made to also only de-obfuscating strings in-memory at the moment the data is needed. When a previously de-obfuscated value … Read More “The CIA's “Development Tradecraft DOs and DON'Ts”” »
childpornography, courts, exploits, fbi, hacking, pornography, Security technology, tor
The Department of Justice is dropping all charges in a child-porn case rather than release the details of a hack against Tor. Powered by WPeMatico
Security technology, squid
Here are some squid cooking tips. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Powered by WPeMatico
audio, internetofthings, interviews, nationalsecuritypolicy, rsa, schneiernews, Security technology
Here’s a video interview I did at RSA on the Internet of Things and security. Powered by WPeMatico
doxing, essays, google, googleglass, hacking, passwords, privacy, Security technology, surveillance
A decade ago, I wrote about the death of ephemeral conversation. As computers were becoming ubiquitous, some unintended changes happened, too. Before computers, what we said disappeared once we’d said it. Neither face-to-face conversations nor telephone conversations were routinely recorded. A permanent communication was something different and special; we called it correspondence. The Internet changed … Read More “Defense Against Doxing” »
browsers, google, microsoft, patching, Security technology, vulnerabilities
Google’s Project Zero is serious about releasing the details of security vulnerabilities 90 days after they alert the vendors, even if they’re unpatched. It just exposed a nasty vulnerability in Microsoft’s browsers. This is the second unpatched Microsoft vulnerability it exposed last week. I’m a big fan of responsible disclosure. The threat to publish vulnerabilities … Read More “Google Discloses Details of an Unpatched Microsoft Vulnerability” »
cia, cryptography, leaks, malware, russia, Security technology, wikileaks
If I had to guess right now, I’d say the documents came from an outsider and not an insider. My reasoning: One, there is absolutely nothing illegal in the contents of any of this stuff. It’s exactly what you’d expect the CIA to be doing in cyberspace. That makes the whistleblower motive less likely. And … Read More “More on the CIA Document Leak” »
cyberattack, cyberwar, nationalsecuritypolicy, northkorea, Security technology
The New York Times is reporting that the US has been conducting offensive cyberattacks against North Korea, in an effort to delay its nuclear weapons program. EDITED TO ADD (3/8): Commentary. Powered by WPeMatico
cia, cyberwar, hacking, malware, redaction, Security technology, wikileaks, zeroday
WikiLeaks just released a cache of 8,761 classified CIA documents from 2012 to 2016, including details of its offensive Internet operations. I have not read through any of them yet. If you see something interesting, tell us in the comments. EDITED TO ADD: There’s a lot in here. Many of the hacking tools are redacted, … Read More “WikiLeaks Releases CIA Hacking Tools” »