Crypto-Gram Newsletter

Crypto-Gram is a free monthly e-mail digest of posts from Bruce Schneier’s Schneier on Security blog.

Recent Issues

March 15, 2021

In this issue:

  1. On Vulnerability-Adjacent Vulnerabilities
  2. Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed
  3. US Cyber Command Valentine's Day Cryptography Puzzles
  4. Malicious Barcode Scanner App
  5. Browser Tracking Using Favicons
  6. Virginia Data Privacy Law
  7. WEIS 2021 Call for Papers
  8. Router Security
  9. GPS Vulnerabilities
  10. Dependency Confusion: Another Supply-Chain Vulnerability
  11. Twelve-Year-Old Vulnerability Found in Windows Defender
  12. On Chinese-Owned Technology Platforms
  13. The Problem with Treating Data as a Commodity
  14. National Security Risks of Late-Stage Capitalism
  15. Mysterious Macintosh Malware
  16. Encoded Message in the Perseverance Mars Lander's Parachute
  17. Chinese Hackers Stole an NSA Windows Exploit in 2014
  18. Four Microsoft Exchange Zero-Days Exploited by China
  19. Threat Model Humor
  20. No, RSA Is Not Broken
  21. Hacking Digitally Signed PDF Files
  22. On Not Fixing Old Vulnerabilities
  23. More on the Chinese Zero-Day Microsoft Exchange Hack
  24. Fast Random Bit Generation
  25. Metadata Left in Security Agency PDFs
  26. Upcoming Speaking Engagements

Read This Issue →

February 15, 2021

In this issue:

  1. Cell Phone Location Privacy
  2. Injecting a Backdoor into SolarWinds Orion
  3. Sophisticated Watering Hole Attack
  4. SVR Attacks on Microsoft 365
  5. Insider Attack on Home Surveillance Systems
  6. Massive Brazilian Data Breach
  7. Dutch Insider Attack on COVID-19 Data
  8. Police Have Disrupted the Emotet Botnet
  9. New iMessage Security Features
  10. Including Hackers in NATO Wargames
  11. Georgia's Ballot-Marking Devices
  12. More SolarWinds News
  13. Another SolarWinds Orion Hack
  14. Presidential Cybersecurity and Pelotons
  15. NoxPlayer Android Emulator Supply-Chain Attack
  16. SonicWall Zero-Day
  17. Web Credit Card Skimmer Steals Data from Another Credit Card Skimmer
  18. Ransomware Profitability
  19. Attack against Florida Water Treatment Facility
  20. Medieval Security Techniques
  21. Chinese Supply-Chain Attack on Computer Systems

Read This Issue →

January 15, 2021

In this issue:

  1. Another Massive Russian Hack of US Government Networks
  2. How the SolarWinds Hackers Bypassed Duo's Multi-Factor Authentication
  3. Zodiac Killer Cipher Solved
  4. Mexican Drug Cartels with High-Tech Spyware
  5. More on the SolarWinds Breach
  6. US Schools Are Buying Cell Phone Unlocking Systems
  7. NSA on Authentication Hacks (Related to SolarWinds Breach)
  8. Eavesdropping on Phone Taps from Voice Assistants
  9. Investigating the Navalny Poisoning
  10. How China Uses Stolen US Personnel Data
  11. Russia's SolarWinds Attack
  12. On the Evolution of Ransomware
  13. Brexit Deal Mandates Old Insecure Crypto Algorithms
  14. Amazon Has Trucks Filled with Hard Drives and an Armed Guard
  15. Military Cryptanalytics, Part III
  16. Latest on the SVR's SolarWinds Hack
  17. Backdoor in Zyxel Firewalls and Gateways
  18. Extracting Personal Information from Large Language Models Like GPT-2
  19. Russia's SolarWinds Attack and Software Security
  20. APT Horoscope
  21. Changes in WhatsApp's Privacy Policy
  22. Cloning Google Titan 2FA keys
  23. On US Capitol Security -- By Someone Who Manages Arena-Rock-Concert Security
  24. Finding the Location of Telegram Users
  25. Upcoming Speaking Engagements
  26. Click Here to Kill Everybody Sale

Read This Issue →

More Issues →

Sidebar photo of Bruce Schneier by Joe MacInnis.