Friday Squid Blogging: Bigfin Squid Found in Australian Waters
A bigfin squid has been found — and filmed — in Australian waters for the first time.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my...
The 2020 Workshop on Economics and Information Security (WEIS)
The workshop on Economics and Information Security is always an interesting conference. This year, it will be online. Here’s the program. Registration is free.
Enigma Machine Recovered from the Baltic Sea
Neat story:
German divers searching the Baltic Sea for discarded fishing nets have stumbled upon a rare Enigma cipher machine used by the Nazi military during World War Two which they believe was thrown overboard from a scuttled submarine.
Thinking they...
Open Source Does Not Equal Secure
Way back in 1999, I wrote about open-source software:
First, simply publishing the code does not automatically mean that people will examine it for security flaws. Security researchers are fickle and busy people. They do not have the time to...
Impressive iPhone Exploit
This is a scarily impressive vulnerability:
Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device — over Wi-Fi, with...
Manipulating Systems Using Remote Lasers
Many systems are vulnerable:
Researchers at the time said that they were able to launch inaudible commands by shining lasers — from as far as 360 feet — at the microphones on various popular voice assistants, including Amazon Alexa,...
Check Washing
I can’t believe that check washing is still a thing:
“Check washing” is a practice where thieves break into mailboxes (or otherwise steal mail), find envelopes with checks, then use special solvents to remove the information on that check (except...
Friday Squid Blogging: Diplomoceras Maximum
Diplomoceras maximum is an ancient squid-like creature. It lived about 68 million years ago, looked kind of like a giant paperclip, and may have had a lifespan of 200 years.
As usual, you can also use this squid post to...
Undermining Democracy
Last Thursday, Rudy Giuliani, a Trump campaign lawyer, alleged a widespread voting conspiracy involving Venezuela, Cuba, and China. Another lawyer, Sidney Powell, argued that Mr. Trump won in a landslide, the entire election in swing states should be overturned...
Cyber Public Health
In a lecture, Adam Shostack makes the case for a discipline of cyber public health. It would relate to cybersecurity in a similar way that public health relates to medicine.
On That Dusseldorf Hospital Ransomware Attack and the Resultant Death
Wired has a detailed story about the ransomware attack on a Dusseldorf hospital, the one that resulted in an ambulance being redirected to a more distant hospital and the patient dying. The police wanted to prosecute the ransomware attackers...
More on the Security of the 2020 US Election
Last week I signed on to two joint letters about the security of the 2020 election. The first was as one of 59 election security experts, basically saying that while the election seems to have been both secure and...
Indistinguishability Obfuscation
Quanta magazine recently published a breathless article on indistinguishability obfuscation — calling it the “‘crown jewel’ of cryptography” — and saying that it had finally been achieved, based on a recently published paper. I want to add some caveats...
Friday Squid Blogging: Ram’s Horn Squid Video
This is the first video footage of a ram’s horn squid (Spirula spirula) .
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines...
Symantec Reports on Cicada APT Attacks against Japan
Symantec is reporting on an APT group linked to China, named Cicada. They have been attacking organizations in Japan and elsewhere.
Cicada has historically been known to target Japan-linked organizations, and has also targeted MSPs in the past. The group...
Top 20 Predictions Of How AI Is Going To Improve Cybersecurity In 2021
What 20 Leading Cybersecurity Experts Are Predicting For 2021
Italy Says Two Arrested for Defense Data Theft
Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday.
The company has a wide range of activities from naval electronics, network and protection systems, electronic warfare...
The US Used the Patriot Act to Justify Logging Website Users
Plus: Better Twitter two-factor, a Spotify hack, and more of the week’s top security news.
Ransomware hits helicopter maker Kopter
Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.
Ransomware gangs are now cold-calling victims if they restore from backups without paying
Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.
