Friday Squid Blogging: Creating Batteries Out of Squid Cells
This is fascinating:
“When a squid ends up chipping what’s called its ring tooth, which is the nail underneath its tentacle, it needs to regrow that tooth very rapidly, otherwise it can’t claw its prey,” he explains.
This was intriguing news...
A Hacker’s Mind News
My latest book continues to sell well. Its ranking hovers between 1,500 and 2,000 on Amazon. It’s been spied in airports.
Reviews are consistently good. I have been enjoying giving podcast interviews. It all feels pretty good right now.
You can...
Exploding USB Sticks
In case you don’t have enough to worry about, people are hiding explosives—actual ones—in USB sticks:
In the port city of Guayaquil, journalist Lenin Artieda of the Ecuavisa private TV station received an envelope containing a pen drive which exploded...
Mass Ransomware Attack
A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack:
TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims...
ChatGPT Privacy Flaw
OpenAI has disabled ChatGPT’s privacy history, almost certainly because they had a security flaw where users were seeing each others’ histories.
US Citizen Hacked by Spyware
The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware.
A U.S. and Greek national who worked on Meta’s security and trust team while based in Greece was placed under a yearlong wiretap...
Friday Squid Blogging: New Species of Vampire Squid Lives 3,000 Feet below Sea Level
At least, it seems to be a new species.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak:
I’m speaking on “How to Reclaim Power in the Digital World” at EPFL in Lausanne, Switzerland, on Thursday, March 16, 2023, at 5:30 PM CET.
I’ll be...
How AI Could Write Our Laws
By Nathan E. Sanders & Bruce Schneier
Nearly 90% of the multibillion-dollar federal lobbying apparatus in the United States serves corporate interests. In some cases, the objective of that money is obvious. Google pours millions into lobbying on bills related...
NetWire Remote Access Trojan Maker Arrested
From Brian Krebs:
A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with...
Friday Squid Blogging: Chinese Squid Fishing in the Southeast Pacific
Chinese squid fishing boats are overwhelming Ecuador and Peru.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
Elephant Hackers
An elephant uses its right-of-way privileges to stop sugar-cane trucks and grab food.
Another Malware with Persistence
Here’s a piece of Chinese malware that infects SonicWall security appliances and survives firmware updates.
On Thursday, security firm Mandiant published a report that said threat actors with a suspected nexus to China were engaged in a campaign to maintain...
BlackLotus Malware Hijacks Windows Secure Boot Process
Researchers have discovered malware that “can hijack a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows.”
Dubbed BlackLotus, the malware is what’s known as a UEFI bootkit....
Prompt Injection Attacks on Large Language Models
This is a good survey on prompt injection attacks on large language models (like ChatGPT).
Abstract: We are currently witnessing dramatic advances in the capabilities of Large Language Models (LLMs). They are already being adopted in practice and integrated into...
Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability.
Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal...
OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident
OpenAI on Friday disclosed that a bug in the Redis open source library was responsible for the exposure of other users' personal information and chat titles in the upstart's ChatGPT service earlier this week.
The glitch, which came to light on...
US Charges 20-Year-Old Head of Hacker Site BreachForums
The US Justice Department charged Conor Brian Fitzpatrick, founder of BreachForums, a major underground website for computer hackers.
The post US Charges 20-Year-Old Head of Hacker Site BreachForums appeared first on SecurityWeek.
Dish customers struggle with service disruptions weeks after ransomware attack
Customers complain that they are still having payment issues and are not able to contact customer service weeks after Dish Network suffered a ransomware attack.
CISA announced the Pre-Ransomware Notifications initiative
The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs.
The US Cybersecurity and Infrastructure Security Agency announced a new Pre-Ransomware Notification initiative that aims at alerting organizations of...
