Upcoming Speaking Engagements
August 14 2020This is a current list of where and when I am scheduled to speak: I'm giving a keynote address at the Cybersecurity and Data Privacy Law virtual conference on...
Read moreDrovorub Malware
August 14 2020The NSA and FBI have jointly disclosed Drovorub, a Russian malware suite that targets Linux. Detailed advisory. Fact sheet. News articles. Reddit thread....
Read moreUAE Hack and Leak Operations
August 13 2020Interesting paper on recent hack-and-leak operations attributed to the UAE: Abstract: Four hack-and-leak operations in U.S. politics between 2016 and 2019, publicly attributed to the United Arab Emirates (UAE),...
Read moreCryptanalysis of an Old Zip Encryption Algorithm
August 12 2020Mike Stay broke an old zipfile encryption algorithm to recover $300,000 in bitcoin. DefCon talk here....
Read moreCollecting and Selling Mobile Phone Location Data
August 11 2020The Wall Street Journal has an article about a company called Anomaly Six LLC that has an SDK that's used by "more than 500 mobile applications." Through that SDK,...
Read moreSmart Lock Vulnerability
August 10 2020Yet another Internet-connected door lock is insecure: Sold by retailers including Amazon, Walmart, and Home Depot, U-Tec's $139.99 UltraLoq is marketed as a "secure and versatile smart deadbolt that...
Read moreFriday Squid Blogging: New SQUID
August 7 2020There's a new SQUID: A new device that relies on flowing clouds of ultracold atoms promises potential tests of the intersection between the weirdness of the quantum world and...
Read moreThe NSA on the Risks of Exposing Location Data
August 6 2020The NSA has issued an advisory on the risks of location data. Mitigations reduce, but do not eliminate, location tracking risks in mobile devices. Most users rely on features...
Read moreCybercrime in the Age of COVID-19
August 4 2020The Cambridge Cybercrime Centre has a series of papers on cybercrime during the coronavirus pandemic. EDITED TO ADD (8/12): Interpol report....
Read more
Recent Comments