Loading

Router Security

This report is six months old, and I don’t know anything about the organization that produced it, but it has some alarming data about router security. Conclusion: Our analysis showed that Linux is the most…

Browser Tracking Using Favicons

Interesting research on persistent web tracking using favicons. (For those who don’t know, favicons are those tiny icons that appear in browser tabs next to the page name.) Abstract: The privacy threats of online tracking…

US Cyber Command Valentine’s Day Cryptography Puzzles

The US Cyber Command has released a series of ten Valentine’s Day “Cryptography Challenge Puzzles.” Slashdot thread. Reddit thread. (And here’s the archived link, in case Cyber Command takes the page down.)Read more: schneier.com

On Vulnerability-Adjacent Vulnerabilities

At the virtual Engima Conference, Google’s Project Zero’s Maggie Stone gave a talk about zero-day exploits in the wild. In it, she talked about how often vendors fix vulnerabilities only to have the attackers tweak…

Chinese Supply-Chain Attack on Computer Systems

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US government has known about it for almost…

Loading

Friday Squid Blogging: Flying Squid

How squid fly. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.Read more: schneier.com

Attack against Florida Water Treatment Facility

A water treatment plant in Oldsmar, Florida, was attacked last Friday. The attacker took control of one of the systems, and increased the amount of sodium hydroxide — that’s lye — by a factor of…