Charles V of Spain Secret Code Cracked
Diplomatic code cracked after 500 years:
In painstaking work backed by computers, Pierrot found “distinct families” of about 120 symbols used by Charles V. “Whole words are encrypted with a single symbol” and the emperor replaced vowels coming after consonants...
Computer Repair Technicians Are Stealing Your Data
Laptop technicians routinely violate the privacy of the people whose computers they repair:
Researchers at University of Guelph in Ontario, Canada, recovered logs from laptops after receiving overnight repairs from 12 commercial shops. The logs showed that technicians from six...
The US Has a Shortage of Bomb-Sniffing Dogs
Nothing beats a dog’s nose for detecting explosives. Unfortunately, there aren’t enough dogs:
Last month, the US Government Accountability Office (GAO) released a nearly 100-page report about working dogs and the need for federal agencies to better safeguard their health...
Apple’s Device Analytics Can Identify iCloud Users
Researchers claim that supposedly anonymous device analytics information can identify users:
On Twitter, security researchers Tommy Mysk and Talal Haj Bakry have found that Apple’s device analytics data includes an iCloud account and can be linked directly to a specific...
Breaking the Zeppelin Ransomware Encryption Scheme
Brian Krebs writes about how the Zeppelin ransomware encryption scheme was broken:
The researchers said their break came when they understood that while Zeppelin used three different types of encryption keys to encrypt files, they could undo the whole scheme...
Friday Squid Blogging: Squid Brains
Researchers have new evidence of how squid brains develop:
Researchers from the FAS Center for Systems Biology describe how they used a new live-imaging technique to watch neurons being created in the embryo in almost real-time. They were then able...
First Review of A Hacker’s Mind
Kirkus reviews A Hacker’s Mind:
A cybersecurity expert examines how the powerful game whatever system is put before them, leaving it to others to cover the cost.
Schneier, a professor at Harvard Kennedy School and author of such books as Data...
Successful Hack of Time-Triggered Ethernet
Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. Researchers have defeated it:
On Tuesday, researchers published findings that, for the first time, break TTE’s isolation guarantees. The...
Failures in Twitter’s Two-Factor Authentication System
Twitter is having intermittent problems with its two-factor authentication system:
Not all users are having problems receiving SMS authentication codes, and those who rely on an authenticator app or physical authentication token to secure their Twitter account may not have...
Russian Software Company Pretending to Be American
Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian.
According to company documents publicly filed in Russia and reviewed by Reuters,...
Another Event-Related Spyware App
Last month, we were warned not to install Qatar’s World Cup app because it was spyware. This month, it’s Egypt’s COP27 Summit app:
The app is being promoted as a tool to help attendees navigate the event. But it risks...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak:
I’m speaking at the 24th International Information Security Conference in Madrid, Spain, on November 17, 2022.
The list is maintained on this page.
A Digital Red Cross
The International Committee of the Red Cross wants some digital equivalent to the iconic red cross, to alert would-be hackers that they are accessing a medical network.
The emblem wouldn’t provide technical cybersecurity protection to hospitals, Red Cross infrastructure or...
Friday Squid Blogging: Squid Purse
Perfect for an evening out.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
New Book: A Hacker’s Mind
I have a new book coming out in February. It’s about hacking.
A Hacker’s Mind: How the Powerful Bend Society’s Rules, and How to Bend them Back isn’t about hacking computer systems; it’s about hacking more general economic, political, and...
Gartner: How to Respond to the 2022 Cyberthreat Landscape
A new Gartner® report, How to Respond to the 2022 Cyberthreat Landscape, focuses on the new threats organizations will face as they prepare for the future of work and accelerate digital transformations. Gartner’s advice will help security and risk...
Gartner MQ WAAP 2022
Research shows that web applications and API attacks continued to explode in the first half of 2022. Does your organization have the best defense today? Akamai recommends deploying a holistic web application and API protection (WAAP) solution. The right...
How Akamai Helps to Mitigate the OWASP API Security Top 10 Vulnerabilities
Experts warn that API attacks will soon become the most common type of web application attack. As a result, organizations and their security vendors need to align across people, processes, and technologies to institute the right protections. The Open...
What is Account Takeover and How to Prevent It in 2022
An account takeover (ATO), in which criminals impersonate legitimate account owners to take control of an account, are on the rise in Asia and across the world. Fraudsters are swindling money and digital assets from consumers across industries, with...
The OWASP Top 10 – How Akamai Helps
OWASP publishes a list of the 10 most common vulnerabilities in web applications. This white paper details how Akamai can help mitigate these threat vectors.
The post The OWASP Top 10 – How Akamai Helps appeared first on TechRepublic.
