Crypto-Gram Newsletter

Crypto-Gram is a free monthly e-mail digest of posts from Bruce Schneier’s Schneier on Security blog.

Recent Issues

April 15, 2021

In this issue:

  1. Security Analysis of Apple's "Find My..." Protocol
  2. On the Insecurity of ES&S Voting Machines' Hash Code
  3. Illegal Content and the Blockchain
  4. Exploiting Spectre Over the Internet
  5. Easy SMS Hijacking
  6. Details of a Computer Banking Scam
  7. Accellion Supply Chain Hack
  8. Determining Key Shape from Sound
  9. Hacking Weapons Systems
  10. System Update: New Android Malware
  11. Fugitive Identified on YouTube By His Distinctive Tattoos
  12. Malware Hidden in Call of Duty Cheating Software
  13. Wi-Fi Devices as Physical Object Sensors
  14. Phone Cloning Scam
  15. Signal Adds Cryptocurrency Support
  16. Google's Project Zero Finds a Nation-State Zero-Day Operation
  17. Backdoor Added -- But Found -- in PHP
  18. More Biden Cybersecurity Nominations
  19. The FBI Is Now Securing Networks Without Their Owners' Permission
  20. Upcoming Speaking Engagements

Read This Issue →

March 15, 2021

In this issue:

  1. On Vulnerability-Adjacent Vulnerabilities
  2. Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed
  3. US Cyber Command Valentine's Day Cryptography Puzzles
  4. Malicious Barcode Scanner App
  5. Browser Tracking Using Favicons
  6. Virginia Data Privacy Law
  7. WEIS 2021 Call for Papers
  8. Router Security
  9. GPS Vulnerabilities
  10. Dependency Confusion: Another Supply-Chain Vulnerability
  11. Twelve-Year-Old Vulnerability Found in Windows Defender
  12. On Chinese-Owned Technology Platforms
  13. The Problem with Treating Data as a Commodity
  14. National Security Risks of Late-Stage Capitalism
  15. Mysterious Macintosh Malware
  16. Encoded Message in the Perseverance Mars Lander's Parachute
  17. Chinese Hackers Stole an NSA Windows Exploit in 2014
  18. Four Microsoft Exchange Zero-Days Exploited by China
  19. Threat Model Humor
  20. No, RSA Is Not Broken
  21. Hacking Digitally Signed PDF Files
  22. On Not Fixing Old Vulnerabilities
  23. More on the Chinese Zero-Day Microsoft Exchange Hack
  24. Fast Random Bit Generation
  25. Metadata Left in Security Agency PDFs
  26. Upcoming Speaking Engagements

Read This Issue →

February 15, 2021

In this issue:

  1. Cell Phone Location Privacy
  2. Injecting a Backdoor into SolarWinds Orion
  3. Sophisticated Watering Hole Attack
  4. SVR Attacks on Microsoft 365
  5. Insider Attack on Home Surveillance Systems
  6. Massive Brazilian Data Breach
  7. Dutch Insider Attack on COVID-19 Data
  8. Police Have Disrupted the Emotet Botnet
  9. New iMessage Security Features
  10. Including Hackers in NATO Wargames
  11. Georgia's Ballot-Marking Devices
  12. More SolarWinds News
  13. Another SolarWinds Orion Hack
  14. Presidential Cybersecurity and Pelotons
  15. NoxPlayer Android Emulator Supply-Chain Attack
  16. SonicWall Zero-Day
  17. Web Credit Card Skimmer Steals Data from Another Credit Card Skimmer
  18. Ransomware Profitability
  19. Attack against Florida Water Treatment Facility
  20. Medieval Security Techniques
  21. Chinese Supply-Chain Attack on Computer Systems

Read This Issue →

More Issues →

Sidebar photo of Bruce Schneier by Joe MacInnis.