cybersecurity, risk assessment, security analysis, Security technology, threat models, Uncategorized
ArsTechnica’s Sean Gallagher has a two–part article on “securing your digital life.” It’s pretty good. Powered by WPeMatico
Category: Uncategorized
Auto Added by WPeMatico
exploits, gaming consoles, hacking, reverse engineering, Security technology, Uncategorized
I just don’t think it’s possible to create a hack-proof computer system, especially when the system is physically in the hands of the hackers. The Sony Playstation 5 is the latest example: Hackers may have just made some big strides towards possibly jailbreaking the PlayStation 5 over the weekend, with the hacking group Fail0verflow claiming … Read More “Hacking the Sony Playstation 5” »
assassinations, drones, iran, Security technology, Uncategorized
We’ve now had an (unsuccessful) assassination attempt by explosive-laden drones. Powered by WPeMatico
cryptocurrency, fraud, scams, Security technology, squid, Uncategorized
The Squid Game cryptocurrency was a complete scam: The SQUID cryptocurrency peaked at a price of $2,861 before plummeting to $0 around 5:40 a.m. ET., according to the website CoinMarketCap. This kind of theft, commonly called a “rug pull” by crypto investors, happens when the creators of the crypto quickly cash out their coins for … Read More “Friday Squid Blogging: Squid Game Cryptocurrency Was a Scam” »
cyberweapons, national security policy, Security technology, spyware, Uncategorized, zero-day
The Israeli cyberweapons arms manufacturer — and human rights violator, and probably war criminal — NSO Group has been added to the US Department of Commerce’s trade blacklist. US companies and individuals cannot sell to them. Aside from the obvious difficulties this causes, it’ll make it harder for them to buy zero-day vulnerabilities on the … Read More “US Blacklists NSO Group” »
e-mail, fraud, reputation, scams, Security technology, Uncategorized
It turns out that it’s surprisingly easy to create a fake Harvard student and get a harvard.edu email account. Scammers are using that prestigious domain name to shill brands: Basically, it appears that anyone with $300 to spare can – or could, depending on whether Harvard successfully shuts down the practice — advertise nearly anything … Read More “Using Fake Student Accounts to Shill Brands” »
cell phones, identification, Security technology, tracking, Uncategorized
Interesting Twitter thread on how cell phone metadata can be used to identify and track people who don’t want to be identified and tracked. Powered by WPeMatico
academic papers, operating systems, security engineering, Security technology, steganography, Uncategorized, usability, vulnerabilities
Really interesting research demonstrating how to hide vulnerabilities in source code by manipulating how Unicode text is displayed. It’s really clever, and not the sort of attack one would normally think about. From Ross Anderson’s blog: We have discovered ways of manipulating the encoding of source code files so that human viewers and compilers see … Read More “Hiding Vulnerabilities in Source Code” »
cryptocurrency, Security technology, squid, Uncategorized
In what maybe peak hype, Squid Game has its own cryptocurrency. Not in the fictional show, but in real life. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
microsoft, russia, Security technology, supply chain, Uncategorized
Microsoft is reporting that the same attacker that was behind the SolarWinds breach — the Russian SVR, which Microsoft is calling Nobelium — is continuing with similar supply-chain attacks: Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain. This time, … Read More “More Russian SVR Supply-Chain Attacks” »