Lohrman on Security

NOVEMBER 14, 2021

The newly approved federal infrastructure deal brings with it a great holiday present for state and local governments: dedicated cyber funding. Here’s the history, and the future, of cyber grants.

Government 321

Government 321

Schneier on Security

AUGUST 29, 2024

Listening to it, and thinking about the audience of NSA engineers, I wonder how much of what she’s talking about as the future of computing—miniaturization, parallelization—was being done in the present and in secret.

Engineering 338

Engineering Internet Internet 338

Schneier on Security

OCTOBER 11, 2022

Next, we demonstrate that some backdoors, such as ImpNet, can only be reliably detected at the stage where they are inserted and removing them anywhere else presents a significant challenge.

Architecture 363

Architecture Software 363

Schneier on Security

SEPTEMBER 2, 2024

The KCM process is fairly simple: the employee uses the dedicated lane and presents their KCM barcode or provides the TSA agent their employee number and airline. Various forms of ID need to be presented while the TSA agent’s laptop verifies the employment status with the airline.

Authentication 306

Authentication 306

Schneier on Security

JANUARY 10, 2024

“BK presents Hangover Whopper, a technology that scans your hangover level and offers a discount on the ideal combo to help combat it.” ” The stunt runs until January 2nd.

Marketing 323

Marketing Technology 323

Schneier on Security

AUGUST 6, 2021

The results we present demonstrate that it is possible to obtain a high coverage of the population (over 40%) with less than 10 master faces, for three leading deep face recognition systems. Two good articles.

Authentication 364

Authentication 364

Schneier on Security

DECEMBER 13, 2021

. “If our investigation shall show these actions indeed happened with NSO’s tools, such customer will be terminated permanently and legal actions will take place,” said an NSO spokesperson, who added that NSO will also “cooperate with any relevant government authority and present the full information we will have.”

Spyware 343

Spyware Internet Internet Government 343

Schneier on Security

JULY 27, 2021

In this paper, we present a method that delivers malware covertly and detection-evadingly through neural network models. Interesting research: “EvilModel: Hiding Malware Inside of Neural Network Models” Abstract: Delivering malware covertly and detection-evadingly is critical to advanced malware campaigns.

Malware 363

Malware Artificial Intelligence Antivirus Engineering 363

Schneier on Security

APRIL 15, 2024

A new paper presents a polynomial-time quantum algorithm for solving certain hard lattice problems. This could be a big deal for post-quantum cryptographic algorithms, since many of them base their security on hard lattice problems. A few things to note. One, this paper has not yet been peer reviewed.

320

320

Schneier on Security

OCTOBER 2, 2020

Though we rarely or acknowledge it, this presumed future world is the horizon towards which everything we do in the present is oriented. Our present relations to people and things are, in this deep way, future-oriented. Symphonies are written, buildings built, children conceived in the present, but always with a future in mind.

Education 363

Education Risk 363

Schneier on Security

AUGUST 12, 2024

In this paper, we present a taxonomy of GenAI misuse tactics, informed by existing academic literature and a qualitative analysis of approximately 200 observed incidents of misuse reported between January 2023 and March 2024.

Artificial Intelligence 314

Artificial Intelligence Risk 314

Schneier on Security

AUGUST 4, 2022

We present an efficient key recovery attack on the Supersingular Isogeny Diffie­-Hellman protocol (SIDH), based on a “glue-and-split” theorem due to Kani. SIKE is one of the new algorithms that NIST recently added to the post-quantum cryptography competition. It was just broken , really badly.

Encryption 315

Encryption 315

Schneier on Security

SEPTEMBER 17, 2024

Now, though, there are also attacks involving “coding tests” that only exist to get the end user to install hidden malware on their system (cleverly hidden with Base64 encoding) that allows remote execution once present.

Malware 295

Malware Social Engineering Engineering Hacking 295

Troy Hunt

DECEMBER 7, 2021

Actually, I'll rephrase that: because he was a normal guy; he's not normal anymore because yesterday I carved out some time to give him an early Christmas present: Today I spent an hour getting a mate into @1Password. Not upset, that was still a great value Christmas present, but this is, well, literally twice as great value!

Passwords 338

Passwords Password Management Banking Accountability 338

Schneier on Security

MARCH 8, 2024

We also present a comprehensive taxonomical ontology of the types of adversarial prompts. We elicit 600K+ adversarial prompts against three state-of-the-art LLMs. We describe the dataset, which empirically verifies that current LLMs can indeed be manipulated via prompt hacking.

Hacking 326

Hacking Artificial Intelligence 326

Schneier on Security

JULY 3, 2024

It’s a serious one : The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents a significant security risk.

Firewall 342

Firewall Data breaches Malware Risk 342

Schneier on Security

JULY 13, 2021

These connection attempts were detailed and extensive, often including lengthy conversations prior to presenting the next stage in the attack chain. Identified targets included experts in Middle Eastern affairs from think tanks, senior professors from well-known academic institutions, and journalists specializing in Middle Eastern coverage.

Hacking 363

Hacking Phishing Accountability Cybersecurity 363

Tech Republic Security

OCTOBER 22, 2024

A study at Rensselaer Polytechnic Institute presented at ISC2 Security Congress compared ChatGPT-written training prompted by security experts and prompt engineers.

Engineering 207

Engineering Artificial Intelligence Technology Cybersecurity 207

Schneier on Security

DECEMBER 22, 2022

Microsoft fixed CVE-2022-37958 in September during its monthly Patch Tuesday rollout of security fixes.

Authentication 72

Authentication 72

Schneier on Security

MAY 25, 2022

If an adversary can manipulate the order in which batches of training data are presented to the model, they can undermine both its integrity (by poisoning it) and its availability (by causing training to be less effective, or take longer). Our latest paper shows that’s not necessary at all.

Engineering 350

Engineering 350

Schneier on Security

NOVEMBER 12, 2021

Pangu Lab’s researchers presented the exploit at a security conference in China in April of this year, a few months before hackers used it against Hong Kong users. The exploit was discovered in August. Apple patched the vulnerability in September.

Hacking 327

Hacking Malware Cybersecurity 327

Schneier on Security

NOVEMBER 16, 2022

On social media and in US regulatory filings, however, it presents itself as a US company, based at various times in California, Maryland, and Washington, DC, Reuters found. It employs around 40 people and reported revenue of 143,270,000 rubles ($2.4 mln) last year. Pushwoosh is registered with the Russian government to pay taxes in Russia.

Software 335

Software Media Government 335

Schneier on Security

MARCH 15, 2021

This paper presents the first comprehensive security and privacy analysis of OF. While OF is not the first system of its kind, it is the first to commit to strong privacy goals. In particular, OF aims to ensure finder anonymity, untrackability of owner devices, and confidentiality of location reports.

Engineering 363

Engineering Internet Internet 363

Schneier on Security

JANUARY 17, 2023

Someone at the NSA gave a presentation on this ten years ago. (I Without the FBI deploying some form of surveillance technique, or Al-Azhari using another method to visit the site which exposed their IP address, this should not have been possible. There are lots of ways to de-anonymize Tor users.

Surveillance 361

Surveillance Media Hacking 361

Schneier on Security

AUGUST 13, 2021

Defcon presentation and slides. Combine it with voice and video synthesis, and you have some pretty scary scenarios. The real risk isn’t that AI-generated phishing emails are as good as human-generated ones, it’s that they can be generated at much greater scale. Another news article.

Phishing 359

Phishing Risk Social Engineering Artificial Intelligence 359

Tech Republic Security

JULY 31, 2024

The CVE-2024-37085 vulnerability is present in VMware ESXi hypervisors and has been used to deploy ransomware, according to Microsoft.

Ransomware 189

Ransomware Cybersecurity 189

Schneier on Security

NOVEMBER 19, 2021

Research published on Monday presented a new Rowhammer technique. In all three cases, these “aggressor” rows — meaning those that cause bitflips in nearby “victim” rows — are accessed the same number of times. It uses non-uniform patterns that access two or more aggressor rows with different frequencies.

320

320

Schneier on Security

JANUARY 8, 2024

Each panel has six speakers, each of whom presents for ten minutes. The short presentations means that no one can get too deep into details or jargon. I used a workshop format I and others invented for another interdisciplinary workshop: Security and Human Behavior, or SHB. It’s a two-day event. Each day has four ninety-minute panels.

Technology 293

Technology 293

Schneier on Security

JANUARY 14, 2022

We will present a novel approach of using side channel information to identify the kinds of threats that are targeting the device. They use numerous customized firmware and hardware, without taking into consideration security issues, which make them a target for cybercriminals, especially malware authors.

Malware 339

Malware IoT Firmware Internet 339

Schneier on Security

FEBRUARY 23, 2023

The US and its allies have an imperative to strengthen the capabilities necessary to deter and respond to aggression that is ever more present in cyberspace. The conflict in Ukraine is resetting the table across the globe for geopolitics and international security.

Government 346

Government 346

Schneier on Security

APRIL 6, 2023

As a challenge to this assumption, this paper presents the Achilles Heel hypothesis which states that even a potentially superintelligent system may nonetheless have stable decision-theoretic delusions which cause them to make irrational decisions in adversarial settings.

Artificial Intelligence 282

Artificial Intelligence 282

Schneier on Security

OCTOBER 10, 2023

Many versions of this problem have been studied over the last 30 years, and the best current attack on ReLU-based deep neural networks was presented at Crypto’20 by Carlini, Jagielski, and Mironov.

325

325

Schneier on Security

DECEMBER 15, 2020

Volexity was able to confirm that session hijacking was not involved and, through a memory dump of the OWA server, could also confirm that the attacker had presented cookie tied to a Duo MFA session named duo-sid. The logs from the Duo authentication server further showed that no attempts had been made to log into the account in question.

Authentication 358

Authentication Passwords Accountability Network Security 358

Schneier on Security

JULY 3, 2023

.” […] While self-driving services like Waymo and Cruise have yet to achieve the same level of market penetration as Ring, the wide range of video they capture while completing their routes presents other opportunities.

Surveillance 358

Surveillance Marketing Technology 358

Joseph Steinberg

JUNE 10, 2022

Additionally, while VMware’s customers obviously invest in areas of cybersecurity related to VMware’s fields of activity, many of Gillis’ observations were both clearly vendor neutral and not limited to VMware’s areas of activity, either applying or not applying to VMware’s competitors as much as they did to VMware. Sampling No Longer Works.

Cybersecurity 363

Cybersecurity Artificial Intelligence CISO Wireless 363

Schneier on Security

JULY 21, 2022

The researchers who performed the assessment believe the same critical vulnerabilities are present in other Micodus tracker models. This is a dangerous vulnerability: An assessment from security firm BitSight found six vulnerabilities in the Micodus MV720 , a GPS tracker that sells for about $20 and is widely available.

Manufacturing 338

Manufacturing Surveillance Mobile Authentication 338

Schneier on Security

APRIL 29, 2022

The paper will be presented at PETS this year. Using network traffic that we intercept en route to the telemetry server, we implement a proof-of-concept background activity classifier and demonstrate the feasibility of inferring the ongoing background activity during a meeting — cooking, cleaning, typing, etc. We achieved 81.9%

Government 333

Government 333