crime, cyberattack, cybercrime, North Korea, Security technology, Uncategorized
Excellent New Yorker article on North Korea’s offensive cyber capabilities. Powered by WPeMatico
Category: Uncategorized
Auto Added by WPeMatico
backdoors, credentials, hacking, Security technology, supply chain, Uncategorized
Developers have discovered a backdoor in the Codecov bash uploader. It’s been there for four months. We don’t know who put it there. Codecov said the breach allowed the attackers to export information stored in its users’ continuous integration (CI) environments. This information was then sent to a third-party server outside of Codecov’s infrastructure,” the … Read More “Backdoor Found in Codecov Bash Uploader” »
cyberespionage, espionage, hacking, national security policy, russia, Security technology, Uncategorized
On April 15, the Biden administration both formally attributed the SolarWinds espionage campaign to the Russian Foreign Intelligence Service (SVR), and imposed a series of sanctions designed to punish the country for the attack and deter future attacks. I will leave it to those with experience in foreign relations to convince me that the response … Read More “Biden Administration Imposes Sanctions on Russia for SolarWinds” »
apple, exploits, fbi, hacking, iphone, Security technology, terrorism, Uncategorized
The Washington Post has published a long story on the unlocking of the San Bernardino Terrorist’s iPhone 5C in 2016. We all thought it was an Israeli company called Cellebrite. It was actually an Australian company called Azimuth Security. Azimuth specialized in finding significant vulnerabilities. Dowd, a former IBM X-Force researcher whom one peer called … Read More “Details on the Unlocking of the San Bernardino Terrorist’s iPhone” »
Security technology, squid, Uncategorized
Divers find three-foot “blobs” — egg sacs of the squid Illex coindetii — off the coast of Norway. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
cybersecurity, Schneier news, Security technology, twitter, Uncategorized
Security Boulevard recently listed the “Top-21 Cybersecurity Experts You Must Follow on Twitter in 2021.” I came in at #7. I thought that was pretty good, especially since I never tweet. My Twitter feed just mirrors my blog. (If you are one of the 134K people who read me from Twitter, “hi.”) Powered by WPeMatico
disclosure, microsoft, nsa, patching, Security technology, Uncategorized, vulnerabilities
Amongst the 100+ vulnerabilities patch in this month’s Patch Tuesday, there are four in Microsoft Exchange that were disclosed by the NSA. Powered by WPeMatico
cybersecurity, national security policy, Security technology, supply chain, threat models, Uncategorized
The office of the Director of National Intelligence released its “Annual Threat Assessment of the U.S. Intelligence Community.” Cybersecurity is covered on pages 20-21. Nothing surprising: Cyber threats from nation states and their surrogates will remain acute. States’ increasing use of cyber operations as a tool of national power, including increasing use by militaries around … Read More “DNI’s Annual Threat Assessment” »
cybersecurity, national security policy, nsa, Security technology, Uncategorized
News: President Biden announced key cybersecurity leadership nominations Monday, proposing Jen Easterly as the next head of the Cybersecurity and Infrastructure Security Agency and John “Chris” Inglis as the first ever national cyber director (NCD). I know them both, and think they’re both good choices. More news. Powered by WPeMatico
Security technology, squid, Uncategorized
A 180-million-year-old Vampire squid ancestor was fossilized along with its prey. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico