I have been meaning to write about Joe Sullivan, Uber’s former Chief Security Officer. He was convicted of crimes related to covering up a cyberattack against Uber. It’s a complicated case, and I’m not convinced that he deserved a guilty ruling or that it’s a good thing for the industry. I may still write something, … Read More “The Conviction of Uber’s Chief Security Officer” »
In 1878, a 55-foot-long giant squid washed up on the shores of Glover’s Harbour, Newfoundland. It’s the largest giant squid ever recorded—although scientists now think that the size was an exaggeration or the result of postmortem stretching—and there’s a full-sized statue of it near the beach where it was found. As usual, you can also … Read More “Friday Squid Blogging: Newfoundland Giant Squid Sculpture” »
The NSA (together with CISA) has published a long report on supply-chain security: “Securing the Software Supply Chain: Recommended Practices Guide for Suppliers.”: Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment. But the … Read More “NSA on Supply Chain Security” »
It’s Iran’s turn to have its digital surveillance tools leaked: According to these internal documents, SIAM is a computer system that works behind the scenes of Iranian cellular networks, providing its operators a broad menu of remote commands to alter, disrupt, and monitor how customers use their phones. The tools can slow their data connections … Read More “Iran’s Digital Surveillance Tools Leaked” »
People have suspected this for a while, but Apple has made it official. It only commits to fully patching the latest version of its OS, even though it claims to support older versions. From ArsTechnica: In other words, while Apple will provide security-related updates for older versions of its operating systems, only the most recent … Read More “Apple Only Commits to Patching Latest OS Version” »
China claims that it is “engaging in responsible squid fishing”: Chen Xinjun, dean of the College of Marine Sciences at Shanghai Ocean University, made the remarks in response to recent accusations by foreign reporters and actor Leonardo DiCaprio that China is depleting its own fish stock and that Chinese boats have sailed to other waters … Read More “Friday Squid Blogging: Chinese Squid Fishing” »
There are no details yet, but it’s really important that you patch OpenSSL 3.x when the new version comes out on Tuesday. How bad is “Critical”? According to OpenSSL, an issue of critical severity affects common configurations and is also likely exploitable. It’s likely to be abused to disclose server memory contents, and potentially … Read More “Critical Vulnerability in Open SSL” »
After suffering two large, and embarrassing, data breaches in recent weeks, the Australian government increased the fine for serious data breaches from $2.2 million to a minimum of $50 million. (That’s $50 million AUD, or $32 million USD.) This is a welcome change. The problem is one of incentives, and Australia has now increased the … Read More “Australia Increases Fines for Massive Data Breaches” »
Many years ago, Matt Blaze and I talked about getting our hands on a casino-grade automatic shuffler and looking for vulnerabilities. We never did it—I remember that we didn’t even try very hard—but this article shows that we probably would have found non-random properties: …the executives had recently discovered that one of their machines had … Read More “On the Randomness of Automatic Card Shufflers” »
Interesting: A recent study on giant squid that have washed ashore along the Sea of Japan coast has raised the possibility that the animal has a different reproductive method than many other types of squid. Almost all squid and octopus species are polygamous, with multiple males passing sperm to a single female. Giant squids were … Read More “Friday Squid Blogging: The Reproductive Habits of Giant Squid” »