Security Vulnerabilities in Eufy Cameras
December 9 2022Eufy cameras claim to be local only, but upload data to the cloud. The company is basically lying to reporters, despite being shown evidence to the contrary....
Read moreLeaked Signing Keys Are Being Used to Sign Malware
December 8 2022A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware.
Łukasz Siewierski, a member of Google’s Android Security...
Read more
The Decoupling Principle
December 7 2022This is a really interesting paper that discusses what the authors call the Decoupling Principle:
The idea is simple, yet previously not clearly articulated: to ensure privacy, information should...
Read more
CryWiper Data Wiper Targeting Russian Sites
December 6 2022Kaspersky is reporting on a data wiper masquerading as ransomware that is targeting local Russian government networks.
The Trojan corrupts any data that’s not vital for the functioning of...
Read more
Friday Squid Blogging: Legend of the Indiana Oil-Pit Squid
December 3 2022At a GMC plant. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...
Read moreExistential Risk and the Fermi Paradox
December 3 2022We know that complexity is the worst enemy of security, because it makes attack easier and defense harder. This becomes catastrophic as the effects of that attack become greater.
In...
Read moreLastPass Security Breach
December 2 2022The company was hacked, and customer information accessed. No passwords were compromised.
Read moreSirius XM Software Vulnerability
December 1 2022This is new:
Newly revealed research shows that a number of major car brands, including Honda, Nissan, Infiniti, and Acura, were affected by a previously undisclosed security bug...
Read more
Recent Comments