Feed aggregator

The Story of Tiversa

Schneier on Security - Tue, 12/03/2019 - 06:19
The New Yorker has published the long and interesting story of the cybersecurity firm Tiversa. Watching "60 Minutes," Boback saw a remarkable new business angle. Here was a multibillion-dollar industry with a near-existential problem and no clear solution. He did not know it then, but, as he turned the opportunity over in his mind, he was setting in motion a... Bruce Schneier
Categories: Security News

A decade of malware: Top botnets of the 2010s

ZDNet Zero Day - Mon, 12/02/2019 - 23:45
ZDNet goes over the list of biggest malware botnets of the past decade, from Necurs to Mirai.
Categories: Security News

Android: New StrandHogg vulnerability is being exploited in the wild

ZDNet Zero Day - Mon, 12/02/2019 - 09:58
Promon discovers new StrandHogg vulnerability. Lookout identifies 36 malicious apps exploiting it in the wild.
Categories: Security News

Researchers disclose DLL loading vulnerabilities in Autodesk, Trend Micro, Kaspersky software

ZDNet Zero Day - Mon, 12/02/2019 - 08:12
Updated: Privilege escalation and code execution bugs lurked in the applications.
Categories: Security News

Cameras that Automatically Detect Mobile Phone Use

Schneier on Security - Mon, 12/02/2019 - 05:56
New South Wales is implementing a camera system that automatically detects when a driver is using a mobile phone.... Bruce Schneier
Categories: Security News

61% of malicious ads target Windows users

ZDNet Zero Day - Sun, 12/01/2019 - 23:35
Chrome OS is the second most targeted, while Linux is the least.
Categories: Security News

Data of 21 million Mixcloud users put up for sale on the dark web

ZDNet Zero Day - Sun, 12/01/2019 - 08:37
Emails, usernames, and strong-hashed passwords sold for $2,000.
Categories: Security News

Friday Squid Blogging: Squid-Like Underwater Drone

Schneier on Security - Fri, 11/29/2019 - 16:13
The Sea Hunting Autonomous Reconnaissance Drone (SHARD) swims like a squid and can explode on command. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security News

iOS apps could really benefit from the newly proposed Security.plist standard

ZDNet Zero Day - Fri, 11/29/2019 - 13:11
Security.plist was inspired by the already-existing and highly popular security.txt standard.
Categories: Security News

Authorities take down 'Imminent Monitor' RAT malware operation

ZDNet Zero Day - Fri, 11/29/2019 - 07:20
Europol reports 14 arrests across eight countries, including the RAT's creator, in Australia.
Categories: Security News

Manipulating Machine Learning Systems by Manipulating Training Data

Schneier on Security - Fri, 11/29/2019 - 05:43
Interesting research: "TrojDRL: Trojan Attacks on Deep Reinforcement Learning Agents": Abstract:: Recent work has identified that classification models implemented as neural networks are vulnerable to data-poisoning and Trojan attacks at training time. In this work, we show that these training-time vulnerabilities extend to deep reinforcement learning (DRL) agents and can be exploited by an adversary with access to the training... Bruce Schneier
Categories: Security News