Schneier on Security

JULY 2, 2021

Uncategorized cybersecurity hacking malware Microsoft RussiaTwo reports this week.

Hacking 275

Hacking Passwords Accountability Cybersecurity 275

Schneier on Security

DECEMBER 9, 2020

FireEye was hacked by — they believe — “a nation with top-tier offensive capabilities”: During our investigation to date, we have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers’ security.

Hacking 240

Hacking Government Cyber threats Malware 240

Schneier on Security

APRIL 26, 2021

Hacking is as old as humanity. To date, hacking has exclusively been a human activity. After hacking humanity, AI systems will then hack other AI systems, and humans will be little more than collateral damage. Separately, AIs can engage in something called reward hacking.

Hacking 279

Hacking Artificial Intelligence Engineering Government 279

Schneier on Security

JULY 20, 2021

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked.

Hacking 285

Hacking Spyware Manufacturing Software 285

Schneier on Security

MARCH 26, 2021

Lukasz Olejnik has a good essay on hacking weapons systems. Uncategorized cyberattack cyberweapons hacking infrastructure military national security policy weapons

Hacking 274

Hacking Software Internet Internet 274

Schneier on Security

FEBRUARY 4, 2021

The sources, who spoke on condition of anonymity to discuss ongoing investigations, said the attackers used computer infrastructure and hacking tools previously deployed by state-backed Chinese cyberspies. […]. Uncategorized backdoors China cyberespionage FBI hacking Russia supply chai

Hacking 284

Hacking Software Banking Risk 284

Schneier on Security

SEPTEMBER 29, 2020

As expected, IoT devices are filled with vulnerabilities : As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of the older coffee makers to see what kinds of hacks he could do with it.

Hacking 280

Hacking IoT Engineering Internet 280

Schneier on Security

OCTOBER 12, 2020

Five researchers hacked Apple Computer’s networks — not their products — and found fifty-five vulnerabilities. Uncategorized Apple hacking incentives vulnerabilities

Hacking 242

Hacking Accountability 242

Schneier on Security

MARCH 8, 2021

Uncategorized academic papers Adobe hacking signaturesInteresting paper: “ Shadow Attacks: Hiding and Replacing Content in Signed PDFs “: Abstract: Digitally signed PDFs are used in contracts and invoices to guarantee the authenticity and integrity of their content.

Hacking 282

Hacking Authentication 282

Schneier on Security

JULY 3, 2020

French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents.

Hacking 271

Hacking Telecommunications Firewall Encryption 271

Krebs on Security

MARCH 4, 2021

Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. A note posted by a Verified forum administrator concerning the hack of its registrar in January.

Cybercrime 284

Cybercrime Hacking Passwords DDOS 284

Schneier on Security

MAY 4, 2021

This is an impressive hack: Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. Uncategorized cars drones hacking vulnerabilities Wi-Fi

Hacking 285

Hacking Software 285

Schneier on Security

MARCH 23, 2021

A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide. Uncategorized hacking patching supply chain vulnerabilities

Hacking 188

Hacking Banking Technology Software 188

Schneier on Security

APRIL 2, 2020

accountability breaches disclosure hacking hotelsMarriott announced another data breach, this one affecting 5.2

Hacking 266

Hacking Accountability Government Data breaches 266

Schneier on Security

JULY 21, 2020

This hack targets the firmware on modern power supplies. academicpapers firmware hacking phonesYes, power supplies are also computers.).

Hacking 228

Hacking Firmware 228

Schneier on Security

SEPTEMBER 1, 2020

atms banking cybercrime cybersecurity hacking malware northkorea

Hacking 226

Hacking Government Banking Cybercrime 226

Schneier on Security

SEPTEMBER 3, 2020

cars classbreaks hacking vulnerabilitiesInteresting story of a class break against the entire Tesla fleet.

Hacking 190

Hacking 190

Schneier on Security

SEPTEMBER 4, 2020

artificialintelligence cheating hacking schoolsThe company Edgenuity sells AI systems for grading tests. Turns out that they just search for keywords without doing any actual semantic analysis.

Hacking 192

Hacking 192

Schneier on Security

AUGUST 13, 2020

Interesting paper on recent hack-and-leak operations attributed to the UAE: Abstract: Four hack-and-leak operations in U.S. academicpapers cybersecurity hacking leaks nationalsecuritypolicy qatar saudiarabia unitedarabemirates

Hacking 231

Hacking Cybersecurity 231

Schneier on Security

MAY 27, 2021

Really good long article about the Chinese hacking of RSA, Inc. Uncategorized China cybersecurity hacking RSA supply chainThey were able to get copies of the seed values to the SecurID authentication token, a harbinger of supply-chain attacks to come.

Hacking 217

Hacking Authentication Cybersecurity 217

Schneier on Security

SEPTEMBER 21, 2021

Apparently, a nation-state hacked Alaska’s Department of Health and Social Services. Uncategorized cyberespionage hacking healthcare leaks

Hacking 195

Hacking Healthcare 195

Schneier on Security

FEBRUARY 18, 2020

This hack was possible because the McDonald's app didn't authenticate the server, and just did whatever the server told it to do: McDonald's receipts in Germany end with a link to a survey page. authentication hacking vulnerabilities

Hacking 274

Hacking Authentication Internet Internet 274

Schneier on Security

JANUARY 5, 2021

The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). There is also no indication yet that any human intelligence alerted the United States to the hacking.

Hacking 273

Hacking Surveillance System Administration Software 273

Schneier on Security

DECEMBER 30, 2019

Lance Vick suggesting that students hack their schools' surveillance systems. generations hacking privacy schools surveillanceThis is an ethical minefield that I feel students would be well within their rights to challenge, and if needed, undermine," he said.

Surveillance 201

Surveillance Hacking 201

Schneier on Security

APRIL 1, 2020

Daniel's Hosting, which hosts about 7,600 dark web portals for free, has been hacked and is down. darkweb hackingIt's unclear when, or if, it will be back up.

Hacking 211

Hacking 211

Adam Levin

DECEMBER 30, 2020

The post Hacked IoT Devices Livestreaming Swatting Attacks: FBI appeared first on Adam Levin. Data Security Technology featured hacking IoT swatHackers are using internet-connected home devices to livestream “swatting” attacks, according to the FBI.

IoT 249

IoT Hacking Manufacturing Internet 249

Schneier on Security

JANUARY 30, 2020

Two Harvard undergraduates completed a project where they went out on the Dark Web and found a bunch of stolen datasets. Then they correlated all the information , and then combined it with additional, publicly available information. No surprise: the result was much more detailed and personal.

Hacking 257

Hacking Passwords 257

Schneier on Security

SEPTEMBER 9, 2021

Here’s me in 2015 about this Juniper hack. Uncategorized backdoors China firewall hacking Juniper NSA random numbersWe knew the basics of this story , but it’s good to have more detail. Here’s me in 2007 on the NSA backdoor.

Hacking 229

Hacking Firewall 229

Schneier on Security

OCTOBER 21, 2020

This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks. Uncategorized China hacking NSA vulnerabilities

Government 226

Government Hacking Internet Internet 226

Schneier on Security

MARCH 10, 2021

Nick Weaver has an excellent post on the Microsoft Exchange hack: The investigative journalist Brian Krebs has produced a handy timeline of events and a few things stand out from the chronology. Uncategorized China cybersecurity hacking Microsoft patching zero-day

Hacking 285

Hacking Internet Internet Ransomware 285

Schneier on Security

MAY 8, 2019

In 2016, a hacker group calling itself the Shadow Brokers released a trove of 2013 NSA hacking tools and related documents. china disclosure hacking nsa russia vulnerabilities zerodayMost people believe it is a front for the Russian government. Since, then the vulnerabilities and tools have been used by both government and criminals, and put the NSA's ability to secure its own cyberweapons seriously into question.

Hacking 198

Hacking Government 198

Lohrman on Security

JUNE 13, 2021

to hack back against cybercrimminals and hold nation-states responsible. After the recent ransomware attacks against Colonial Pipeline, JBS and others, there are new calls for the U.S. So what now?

Hacking 223

Hacking Ransomware 223

Schneier on Security

MARCH 23, 2020

I previously wrote about hacking voice assistants with lasers. academicpapers android apple google hacking iphone sidechannelattacks smartphones video

Hacking 255

Hacking 255

Adam Levin

OCTOBER 15, 2020

The Norwegian government has blamed Russia for a hacking campaign that targeted the email accounts of parliament members. The post Norwegian Government Blames Russia for Hacking Campaign appeared first on Adam Levin.

Government 207

Government Hacking Accountability Cybersecurity 207

Schneier on Security

AUGUST 7, 2019

The cell phones of a thousand Brazilians, including senior government officials, was hacked -- seemingly by actors much less sophisticated than rival governments. Brazil's federal police arrested four people for allegedly hacking 1,000 cellphones belonging to various government officials, including that of President Jair Bolsonaro. brazil cellphones cybersecurity hacking

Hacking 176

Hacking Government Cybersecurity 176

Schneier on Security

SEPTEMBER 24, 2020

Government 183

Government Hacking Mobile Encryption 183

Krebs on Security

DECEMBER 14, 2020

FireEye posits the impact of the hack on SolarWinds is widespread, affecting public and private organizations around the world. Communications at the U.S.

Hacking 284

Hacking Antivirus Telecommunications Data breaches 284

Schneier on Security

JUNE 20, 2019

academicpapers hacking hardware securityengineeringSecurity researchers Gabriel Campana and Jean-Baptiste Bédrune are giving a hardware security module (HSM) talk at BlackHat in August: This highly technical presentation targets an HSM manufactured by a vendor whose solutions are usually found in major banks and large cloud service providers. It will demonstrate several attack paths, some of them allowing unauthenticated attackers to take full control of the HSM.

Hacking 192

Hacking Firmware Manufacturing Banking 192

Heimadal Security

OCTOBER 7, 2021

The post Twitch Was Hacked appeared first on Heimdal Security Blog. Cybersecurity News data breach data leak hacker twitch twitch hackTwitch is a video live streaming service based in the United States that specializes in video game live broadcasting, including esports tournaments.

Hacking 82

Hacking Data breaches Cybersecurity 82

Krebs on Security

DECEMBER 15, 2020

FireEye didn’t explicitly say its own intrusion was the result of the SolarWinds hack, but the company confirmed as much to KrebsOnSecurity earlier today. 13, news broke that the SolarWinds hack resulted in attackers reading the email communications at the U.S.

Hacking 256

Hacking Data breaches Software Malware 256

Schneier on Security

OCTOBER 6, 2021

No details about the hack. Uncategorized cybersecurity data breaches hacking

Telecommunications 40

Telecommunications Hacking Mobile Data breaches 40

WIRED Threat Level

OCTOBER 6, 2021

Security Security / Cyberattacks and Hacks Culture Culture / Video GamesThe data breach apparently includes source code, gamer payouts, and more.

Data breaches 83

Data breaches Hacking 83

Schneier on Security

JANUARY 24, 2020

amazon hacking malware saudiarabia smartphones spyware

Hacking 268

Hacking Spyware Telecommunications Backups 268