(Italian) Digmine malware mines cryptocurrency via Facebook

Sorry, this entry is only available in Italian.

Tracking People Without GPS

Interesting research: The trick in accurately tracking a person with this method is finding out what kind of activity they’re performing. Whether they’re walking, driving a car, or riding in a train or airplane, it’s pretty easy to figure out when you know what you’re looking for. The sensors can determine how fast a person…

(Italian) Loapi: the trojan that burns out the smartphone battery

Sorry, this entry is only available in Italian.

On Deniability and Duress

Imagine you’re at a border crossing, and the guard asks you to hand over all of your electronics for screening. The guard then asks that you unlock your device, provide passwords and decryption keys. Right now, he’s asking nicely, but he happens to be carrying an unpleasant-looking rubber hose. (Yes, cryptographers actually do call this…

WhatsApp Security Vulnerability

Back in March, Rolf Weber wrote about a potential vulnerability in the WhatsApp protocol that would allow Facebook to defeat perfect forward secrecy by forcibly changing users’ keys, allowing it — or more likely, the government — to eavesdrop on encrypted messages. It seems that this vulnerability is real: WhatsApp has the ability to force…

Nemucod downloader spreading via Facebook

Earlier today, a friend of mine notified me of something strange going on with his Facebook account; a message containing only an image (an .svg file in reality) had been sent automatically, effectively bypassing Facebook’s file extension filter: What is an .svg file? From Wikipedia: Scalable Vector Graphics (SVG) is an XML-based vector image format…

5900 online stores found skimming [analysis]

Update Oct 17th: already 841 stores have been fixed! Thanks to everybody who tirelessly notified and fixed stores. Update Oct 14th: Github has booted my data and I have moved to Gitlab (statement from Gitlab on this case). Online card skimming is up 69% since Nov 2015. Multiple groups involved. Merchants are unaware. Last week…

  • Bruce Schneier, English-Italian Translations

    I’m Selling My Laptop

    I’m selling my laptop on eBay. It’s basically new, although the box has been opened. I wanted to downgrade the OS, but learned that one of the key drivers — it controls the camera and the hibernate function — was only available for Vista. So it’s up for sale, at a good price. ETA: It’s…

  • Bruce Schneier, English-Italian Translations

    Obama’s Cybersecurity Speech

    I am optimistic about President Obama’s new cybersecurity policy and the appointment of a new “cybersecurity coordinator,” though much depends on the details. What we do know is that the threats are real, from identity theft to Chinese hacking to cyberwar. His principles were all welcome — securing government networks, coordinating responses, working to secure…

  • Bruce Schneier, English-Italian Translations

    Steganography Using TCP Retransmission

    Research: “Hiding Information in Retransmissions,” by Wojciech Mazurczyk, Milosz Smolarczyk, and Krzysztof Szczypiorski. The paper presents a new steganographic method called RSTEG (Retransmission Steganography), which is intended for a broad class of protocols that utilises retransmission mechanisms. The main innovation of RSTEG is to not acknowledge a successfully received packet in order to intentionally invoke retransmission. The…

  • English-Italian Translations

    Fear of blackmail after RAF loses sensitive personal data

    Highly personal information about senior officers of the Royal Air Force (RAF) – including details of extra-marital affairs, debt, drug abuse, and the use of prostitutes – is alleged to be amongst the data lost from a base in Innsworth, Gloucestershire. When I originally reported on the stolen USB drives last September, it was suggested…

  • English-Italian Translations

    How to control a Blackberry Enterprise Server with just a PDF

    Sorry, I’m not actually going to tell you how to do that. But Research In Motion (RIM), the company who make the BlackBerry smartphones beloved by corporate workers worldwide, has warned of a vulnerability in the way its devices handle PDF files which could allow hackers to remotely execute code. According to a security advisory…

  • Bruce Schneier, English-Italian Translations

    No Warrant Required for GPS Tracking

    At least, according to a Wisconsin appeals court ruling: As the law currently stands, the court said police can mount GPS on cars to track people without violating their constitutional rights — even if the drivers aren’t suspects. Officers do not need to get warrants beforehand because GPS tracking does not involve a search or…

  • English-Italian Translations

    Salma Hayek’s email account is hacked

    According to reports, Hollywood actress Salma Hayek has fallen victim to hackers, who have broken into her email account and released images of her private communications. The actress, remembered equally well for her Oscar-nominated role in the biopic of Frida Kahlo as her erotic snake-dancing performance in “From Dusk Till Dawn”, had her MobileMe account…

  • Bruce Schneier, English-Italian Translations

    How Not to Carry Around Secret Documents

    Here’s a tip: when walking around in public with secret government documents, put them in an envelope. A huge MI5 and police counterterrorist operation against al-Qaeda suspects had to be brought forward at short notice last night after Scotland Yard’s counter-terrorism chief accidentally revealed a briefing document. […] The operation was nearly blown when Assistant…

  • Bruce Schneier, English-Italian Translations

    The Techniques for Distributing Child Porn

    Fascinating history of an illegal industry: Today’s schemes are technologically very demanding and extremely complex. It starts with the renting of computer servers in several countries. First the Carders are active to obtain the credit cards and client identities wrongfully. These data are then passed to the falsifiers who manufacture wonderful official documents so that…

  • Bruce Schneier, English-Italian Translations

    New eBay Fraud

    Here’s a clever attack, exploiting relative delays in eBay, PayPal, and UPS shipping: The buyer reported the item as “destroyed” and demanded and got a refund from Paypal. When the buyer shipped it back to Chad and he opened it, he found there was nothing wrong with it — except that the scammer had removed…