Uncategorized – Page 76 – SSL and internet security news

Microsoft Issues Report of Russian Cyberattacks against Ukraine

April 28, 2022 infossl

cyberattack, cyberespionage, cyberwar, espionage, reports, russia, Security technology, ukraine, Uncategorized

Microsoft has a comprehensive report on the dozens of cyberattacks — and even more espionage operations — Russia has conducted against Ukraine as part of this war: At least six Russian Advanced Persistent Threat (APT) actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country … Read More “Microsoft Issues Report of Russian Cyberattacks against Ukraine” »

Zero-Day Vulnerabilities Are on the Rise

April 27, 2022 infossl

hacking, malware, ransomware, Security technology, Uncategorized, vulnerabilities, zero-day

Both Google and Mandiant are reporting a significant increase in the number of zero-day vulnerabilities reported in 2021. Google: 2021 included the detection and disclosure of 58 in-the-wild 0-days, the most ever recorded since Project Zero began tracking in mid-2014. That’s more than double the previous maximum of 28 detected in 2015 and especially stark … Read More “Zero-Day Vulnerabilities Are on the Rise” »

SMS Phishing Attacks are on the Rise

April 25, 2022 infossl

phishing, Security technology, sms, Uncategorized

SMS phishing attacks — annoyingly called “smishing” — are becoming more common. I know that I have been receiving a lot of phishing SMS messages over the past few months. I am not getting the “Fedex package delivered” messages the article talks about. Mine are usually of the form: “Thank you for paying your bill, … Read More “SMS Phishing Attacks are on the Rise” »

Friday Squid Blogging: Squid Skin–Inspired Insulating Material

April 22, 2022 infossl

academic papers, Security technology, squid, Uncategorized

Interesting: Drawing inspiration from cephalopod skin, engineers at the University of California, Irvine invented an adaptive composite material that can insulate beverage cups, restaurant to-go bags, parcel boxes and even shipping containers. […] “The metal islands in our composite material are next to one another when the material is relaxed and become separated when the … Read More “Friday Squid Blogging: Squid Skin–Inspired Insulating Material” »

Java Cryptography Implementation Mistake Allows Digital-Signature Forgeries

April 22, 2022 infossl

Security technology, Uncategorized

Interesting implementation mistake: The vulnerability, which Oracle patched on Tuesday, affects the company’s implementation of the Elliptic Curve Digital Signature Algorithm in Java versions 15 and above. ECDSA is an algorithm that uses the principles of elliptic curve cryptography to authenticate messages digitally. […] ECDSA signatures rely on a pseudo-random number, typically notated as K, … Read More “Java Cryptography Implementation Mistake Allows Digital-Signature Forgeries” »

Long Article on NSO Group

April 21, 2022 infossl

Security technology, Uncategorized

Ronan Farrow has a long article in The New Yorker on NSO Group, which includes the news that someone — probably Spain — used the software to spy on domestic Catalonian sepratists. Powered by WPeMatico

Clever Cryptocurrency Theft

April 20, 2022 infossl

Security technology, Uncategorized

Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportiona votes based on the amount of currency they own. A clever hacker used a “flash loan” feature of another decentralized finance project to borrow enough of the currency to give himself a controlling stake, and then approved … Read More “Clever Cryptocurrency Theft” »

Undetectable Backdoors in Machine-Learning Models

April 19, 2022 infossl

Security technology, Uncategorized

New paper: “Planting Undetectable Backdoors in Machine Learning Models: Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier … Read More “Undetectable Backdoors in Machine-Learning Models” »

Friday Squid Blogging: Strawberry Squid Video

April 15, 2022 infossl

Security technology, squid, Uncategorized

Beautiful video shot off the California coast. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Russian Cyberattack against Ukrainian Power Grid Prevented

April 13, 2022 infossl

cyberattack, cyberwar, cyberweapons, malware, russia, Security technology, ukraine, Uncategorized

A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used. Key points: ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two … Read More “Russian Cyberattack against Ukrainian Power Grid Prevented” »