Under the GDPR (General Data Protection Regulation), all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. Additionally, there are circumstances in which…
Hacking a Coffee Maker
As expected, IoT devices are filled with vulnerabilities: As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of the older coffee makers to see what kinds of hacks he…
Documented Death from a Ransomware Attack
A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city. I think this is the first documented case of a cyberattack causing…
NSA Advisory on Chinese Government Hacking
The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers. This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese…
How the FIN7 Cybercrime Gang Operates
The Grugq has written an excellent essay on how the Russian cybercriminal gang FIN7 operates. An excerpt: The secret of FIN7’s success is their operational art of cyber crime. They managed their resources and operations…
Hacking AI-Graded Tests
The company Edgenuity sells AI systems for grading tests. Turns out that they just search for keywords without doing any actual semantic analysis. Read more: schneier.com
2017 Tesla Hack
Interesting story of a class break against the entire Tesla fleet.Read more: schneier.com
North Korea ATM Hack
The US Cybersecurity and Infrastructure Security Agency (CISA) published a long and technical alert describing a North Korea hacking scheme against ATMs in a bunch of countries worldwide: This joint advisory is the result of…
UAE Hack and Leak Operations
Interesting paper on recent hack-and-leak operations attributed to the UAE: Abstract: Four hack-and-leak operations in U.S. politics between 2016 and 2019, publicly attributed to the United Arab Emirates (UAE), Qatar, and Saudi Arabia, should be…