Security News

Security and Human Behavior (SHB 2017)

Bruce Shneier's Blog - 1 hour 11 min ago
I'm in Cambridge University, at the tenth Workshop on Security and Human Behavior. SHB is a small invitational gathering of people studying various aspects of the human side of security, organized each year by Ross Anderson, Alessandro Acquisti, and myself. The 50 or so people in the room include psychologists, economists, computer security researchers, sociologists, political scientists, political scientists, neuroscientists,... Bruce Schneier
Categories: Security News

Crysis ransomware master keys released to the public

zdnet 0 day - 6 hours 46 min ago
A total of 200 master keys can now be used by victims to decrypt and unlock their systems.
Categories: Security News

Ransomware and the Internet of Things

Bruce Shneier's Blog - 9 hours 26 min ago
As devastating as the latest widespread ransomware attacks have been, it's a problem with a solution. If your copy of Windows is relatively current and you've kept it updated, your laptop is immune. It's only older unpatched systems on your computer that are vulnerable. Patching is how the computer industry maintains security in the face of rampant Internet insecurity. Microsoft,... Bruce Schneier
Categories: Security News

Apple iCloud, Android Nvidia driver N-day exploit details revealed

zdnet 0 day - 11 hours 12 min ago
Kernels can be exploited and iCloud account user information leaked due to the security flaws.
Categories: Security News

What are "national security letters?" Here's everything you need to know

zdnet 0 day - Wed, 05/24/2017 - 13:00
Here's everything you need to know about the secretive FBI's investigative powers.
Categories: Security News

Hacking Fingerprint Readers with Master Prints

Bruce Shneier's Blog - Wed, 05/24/2017 - 06:44
There's interesting research on using a set of "master" digital fingerprints to fool biometric readers. The work is theoretical at the moment, but they might be able to open about two-thirds of iPhones with these master prints. Definitely something to keep watching. Research paper (behind a paywall).... Bruce Schneier
Categories: Security News

How to protect your laptop in cargo when you fly

zdnet 0 day - Wed, 05/24/2017 - 03:49
In this guide, learn about current regulations and how to deal with theft, insurance problems, and hardware damage.
Categories: Security News

Twitter flaw allowed you to tweet from any account

zdnet 0 day - Wed, 05/24/2017 - 02:08
All this time, a rather simple Twitter bug could have caused chaos on the platform.
Categories: Security News

ICE is Using Stingray to Track Illegal Immigrants

Bruce Shneier's Blog - Tue, 05/23/2017 - 14:19
According to court documents, US Immigration and Customs Enforcement is using Stingray cell-site simulators to track illegal immigrants.... Bruce Schneier
Categories: Security News

Fresh wave of mutating Qakbot malware brings down enterprise networks

zdnet 0 day - Tue, 05/23/2017 - 11:00
The malware is able to lock out companies from accessing their networks as well as infecting neighboring systems.
Categories: Security News

UK authorities push for 'direct access' to internet providers' systems

zdnet 0 day - Tue, 05/23/2017 - 07:19
The government wants to install black box-type devices on telecoms networks for unfettered access to UK metadata, which one rights group says will "become central to the new surveillance regime."
Categories: Security News

The Future of Ransomware

Bruce Shneier's Blog - Tue, 05/23/2017 - 05:55
Ransomware isn't new, but it's increasingly popular and profitable. The concept is simple: Your computer gets infected with a virus that encrypts your files until you pay a ransom. It's extortion taken to its networked extreme. The criminals provide step-by-step instructions on how to pay, sometimes even offering a help line for victims unsure how to buy bitcoin. The price... Bruce Schneier
Categories: Security News

386 WannaCry ransomware samples discovered in the wild

zdnet 0 day - Tue, 05/23/2017 - 01:35
The destructive ransomware has caused chaos and it may be that cyberattackers want to continue capitalizing on the malware.
Categories: Security News

Europol cracks down on ATM black box attack scheme

zdnet 0 day - Tue, 05/23/2017 - 00:57
The "black box" attacks compromise ATMs to dispense cash.
Categories: Security News

Apple reveals it received a secret national security letter

zdnet 0 day - Mon, 05/22/2017 - 21:35
Authorities demanded data from twice as many Macs, iPhones, iPads in the second-half of last year than the first-half, despite fewer overall requests.
Categories: Security News

North Korean Cyberwar Capabilities

Bruce Shneier's Blog - Mon, 05/22/2017 - 14:10
Reuters has an article on North Korea's cyberwar capabilities, specifically "Unit 180." They're still not in the same league as the US, UK, Russia, China, and Israel. But they're getting better.... Bruce Schneier
Categories: Security News

Extending the Airplane Laptop Ban

Bruce Shneier's Blog - Mon, 05/22/2017 - 06:06
The Department of Homeland Security is rumored to be considering extending the current travel ban on large electronics for Middle Eastern flights to European ones as well. The likely reaction of airlines will be to implement new traveler programs, effectively allowing wealthier and more frequent fliers to bring their computers with them. This will only exacerbate the divide between the... Bruce Schneier
Categories: Security News

Yahoo retires ImageMagick library after 18-byte exploit leaks user email content

zdnet 0 day - Mon, 05/22/2017 - 00:39
The simple line of code made it possible for attackers to view private Yahoo Mail images.
Categories: Security News

FCC won't publish evidence of alleged DDoS attack, amid net neutrality battle

zdnet 0 day - Sat, 05/20/2017 - 20:30
The agency has "gigabytes" of server logs that offer evidence for the alleged distributed denial-of-service attack, but it won't make them public.
Categories: Security News

Friday Squid Blogging: Giant Squid Caught Off the Coast of Ireland

Bruce Shneier's Blog - Fri, 05/19/2017 - 16:12
It's rare: Fishermen caught a 19-foot-long giant squid off the coast of Ireland on Monday, only the fifth to be seen there since 1673. Also the first in 22 years. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security News