Summary

Total Articles Found: 4

Top sources:

Top Keywords:

Top Authors

Top Articles:

  • G7 Comes Out in Favor of Encryption Backdoors
  • Firefox Enables DNS over HTTPS
  • Remotely Exploding Pagers
  • Google’s Project Zero Finds a Nation-State Zero-Day Operation

Google’s Project Zero Finds a Nation-State Zero-Day Operation

Published: 2021-04-08 11:06:53

Popularity: 12

Author: Bruce Schneier

Keywords:

  • Uncategorized
  • cyberattack
  • Google
  • terrorism
  • zero-day
  • 🤖: "hacked again"

    Google’s Project Zero discovered, and caused to be patched, eleven zero-day exploits against Chrome, Safari, Microsoft Windows, and iOS. This seems to have been exploited by “Western government operatives actively conducting a counterterrorism operation”: The exploits, which went back to early 2020 and used never-before-seen techniques, were “watering hole” attacks that used infected websites to deliver malware to visitors. They caught the attention of cybersecurity experts thanks to their scale, sophistication, and speed. […] It’s true that Project Zero does not formally attribute hacking to specific groups. But the Threat Analysis Group, which also worked on the project, does perform attribution. Google omitted many more details than just the name of the government behind the hacks, and through that information, the teams knew internally who the hacker and targets were. It is not clear whether Google gave advance notice to government officials that they would be publicizing and shutting down the method of attack...

    ...more

    Firefox Enables DNS over HTTPS

    Published: 2020-02-25 15:15:33

    Popularity: 364

    Author: Bruce Schneier

    Keywords:

  • browsers
  • child pornography
  • DNS
  • Firefox
  • https
  • Mozilla
  • security engineering
  • terrorism
  • 🤖: ""Secure surfing""

    This is good news: Whenever you visit a website -- even if it's HTTPS enabled -- the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS, or DoH, encrypts the request so that it can't be intercepted or hijacked in order to send a user to a malicious site. [...]...

    ...more

    G7 Comes Out in Favor of Encryption Backdoors

    Published: 2019-04-23 14:14:10

    Popularity: 495

    Author: Bruce Schneier

    Keywords:

  • backdoors
  • encryption
  • G7
  • hacking
  • key escrow
  • keys
  • law enforcement
  • terrorism
  • 🤖: "Backdoor detected"

    From a G7 meeting of interior ministers in Paris this month, an "outcome document": Encourage Internet companies to establish lawful access solutions for their products and services, including data that is encrypted, for law enforcement and competent authorities to access digital evidence, when it is removed or hosted on IT servers located abroad or encrypted, without imposing any particular technology...

    ...more

    Remotely Exploding Pagers

    Published: 2024-09-17 15:54:36

    Popularity: 34

    Author: Bruce Schneier

    Keywords:

  • Uncategorized
  • bombs
  • Hezbollah
  • terrorism
  • 🤖: "boom!"

    Wow. It seems they all exploded simultaneously, which means they were triggered. Were they each tampered with physically, or did someone figure out how to trigger a thermal runaway remotely? Supply chain attack? Malicious code update, or natural vulnerability? I have no idea, but I expect we will all learn over the next few days. EDITED TO ADD: I’m reading nine killed and 2,800 injured. That’s a lot of collateral damage. (I haven’t seen a good number as to the number of pagers yet.) EDITED TO ADD: Reuters writes: “The pagers that detonated were the latest model brought in by Hezbollah in recent months, three security sources said.” That implies supply chain attack. And it seems to be a large detonation for an overloaded battery...

    ...more

    end