GPS As a Key Distribution Platform
This is interesting: The U.S.
Schneier on Security
20 articles
Critical Zcash Vulnerability Found and Fixed
If you’re a user—owner?—of this cryptocurrency, this is important: On May 29, the security researcher Taylor Hornby found a critical vulnerability in Zcash O...
Anthropic’s Project Glasswing Update
In April, Anthropic initated Project Glasswing. The idea was to let companies use their new model to find and fix vulnerabilities in their own software.
Hacking Meta’s AI Chatbot
Hackers are convincing Meta’s AI support chatbot to let them take over other peoples’ accounts: A video posted on X showed the step-by-step process to hack s...
AI Used to Decrypt Medieval Ciphers
Researchers are using machine learning algorithms to decrypt historical pencil-and-paper ciphers.
The Intersection of Encryption and AI
As part of their 20th Anniversary celebration, Dark Reading asked five cybersecurity industry leaders who wrote blogs or columns for them over the years to s...
Microsoft Threatening Security Researcher
An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including...
Vulnerability Disclosure in the Age of AI
New article: “Responsible Disclosure in the Age of AI: A Call for Urgent Action,” by Melissa Hathaway. Abstract: Artificial intelligence is fundamentally res...
Friday Squid Blogging: Another Squid
Someone named “Squid” seems to be a “West Country legend.” As usual, you can also use this squid post to talk about the security stories in the news that I h...
Chilling Effects
Younger Americans have soured on the second Donald Trump presidency, but they are not protesting it. Despite an unpopular Iran war and an even more unpopular...
FBI’s 2025 Internet Crime Report
The 2025 Internet Crime Report was published a few weeks ago, but I only just saw it. Press release.
Identifying People Using Wi-Fi Routers
Not identifying people based on their use of Wi-Fi routers, but identifying people using Wi-Fi signals. This is accomplished through what is known as WiFi se...
Friday Squid Blogging: Regulating Squid Fishing in the South Pacific
The South Pacific Regional Fisheries Management Organization (SPRFMO) needs to regulate squid fishing in the South Pacific. As usual, you can also use this s...
CISA Security Leak
Crazy story: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that e...
macOS Kernel Memory Corruption Exploit
A group used Anthropic’s Mythos AI model to help find a kernel memory corruption vulnerability and exploit on Apple’s M5. News article.
Laurie Anderson Is Quoting Me
Not by name, but Laurie Anderson quotes me in one of the tracks of her new album: My favorite quote is from a cryptologist who said “If you think technology ...
Zero-Day Exploit Against Windows BitLocker
It’s nasty, but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the al...
Friday Squid Blogging: Bigfin Squid
Article about the bigfin squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Bypassing On-Camera Age-Verification Checks
Some AI-based video age-verification checks can be fooled with a fake mustache.
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m giving a virtual talk on “The Security of Trust in the Age of AI,” hosted by the Financ...