Crypto-Gram: 2023 Archives

November 15, 2023

In this issue:

  1. Coin Flips Are Biased
  2. Security Vulnerability of Switzerland’s E-Voting System
  3. Analysis of Intellexa’s Predator Spyware
  4. Former Uber CISO Appealing His Conviction
  5. AI and US Election Rules
  6. Child Exploitation and the Crypto Wars
  7. EPA Won’t Force Water Utilities to Audit Their Cybersecurity
  8. Microsoft is Soft-Launching Security Copilot
  9. New NSA Information from (and about) Snowden
  10. Messaging Service Wiretap Discovered through Expired TLS Cert
  11. Hacking Scandinavian Alcohol Tax
  12. The Future of Drone Warfare
  13. Spyware in India
  14. New York Increases Cybersecurity Rules for Financial Companies
  15. Crashing iPhones with a Flipper Zero
  16. Spaf on the Morris Worm
  17. Decoupling for Security
  18. Online Retail Hack
  19. The Privacy Disaster of Modern Smart Cars
  20. Ten Ways AI Will Change Democracy
  21. How .tk Became a TLD for Scammers
  22. Upcoming Speaking Engagements
Read This Issue →

October 15, 2023

In this issue:

  1. On Technologies for Automatic Facial Recognition
  2. LLM Summary of My Book Beyond Fear
  3. Using Hacked LastPass Keys to Steal Cryptocurrency
  4. Detecting AI-Generated Text
  5. On the Cybersecurity Jobs Shortage
  6. New Revelations from the Snowden Documents
  7. Signal Will Leave the UK Rather Than Add a Backdoor
  8. Critical Vulnerability in libwebp Library
  9. NSA AI Security Center
  10. Hacking Gas Pumps via Bluetooth
  11. Malicious Ads in Bing Chat
  12. Political Disinformation and AI
  13. Deepfake Election Interference in Slovakia
  14. AI Risks
  15. Model Extraction Attack on Neural Networks
  16. Cisco Can’t Stop Using Hard-Coded Passwords
  17. Bounty to Recover NIST’s Elliptic Curve Seeds
  18. Hacking the High School Grading System
Read This Issue →

September 15, 2023

In this issue:

  1. Zoom Can Spy on Your Calls and Use the Conversation to Train AI, But Says That It Won’t
  2. UK Electoral Commission Hacked
  3. Detecting “Violations of Social Norms” in Text with AI
  4. Bots Are Better than Humans at Solving CAPTCHAs
  5. White House Announces AI Cybersecurity Challenge
  6. Applying AI to License Plate Surveillance
  7. December’s Reimagining Democracy Workshop
  8. Parmesan Anti-Forgery Protection
  9. Hacking Food Labeling Laws
  10. Remotely Stopping Polish Trains
  11. Identity Theft from 1965 Uncovered through Face Recognition
  12. When Apps Go Rogue
  13. Own Your Own Government Surveillance Van
  14. Spyware Vendor Hacked
  15. Inconsistencies in the Common Vulnerability Scoring System (CVSS)
  16. Cryptocurrency Startup Loses Encryption Key for Electronic Wallet
  17. The Hacker Tool to Get Personal Data from Credit Bureaus
  18. LLMs and Tool Use
  19. On Robots Killing People
  20. Cars Have Terrible Data Privacy
  21. Zero-Click Exploit in iPhones
  22. Fake Signal and Telegram Apps in the Google Play Store
  23. Upcoming Speaking Engagements
Read This Issue →

August 15, 2023

In this issue:

  1. Tracking Down a Suspect through Cell Phone Records
  2. Disabling Self-Driving Cars with a Traffic Cone
  3. Practice Your Security Prompting Skills
  4. Commentary on the Implementation Plan for the 2023 US National Cybersecurity Strategy
  5. Kevin Mitnick Died
  6. AI and Microdirectives
  7. Google Reportedly Disconnecting Employees from the Internet
  8. New York Using AI to Detect Subway Fare Evasion
  9. Backdoor in TETRA Police Radios
  10. Fooling an AI Article Writer
  11. Indirect Instruction Injection in Multi-Modal LLMs
  12. Automatically Finding Prompt Injection Attacks
  13. Hacking AI Resume Screening with Text in a White Font
  14. New SEC Rules around Cybersecurity Incident Disclosures
  15. The Need for Trustworthy AI
  16. Political Milestones for AI
  17. Microsoft Signing Key Stolen by Chinese
  18. You Can’t Rush Post-Quantum-Computing Cryptography Standards
  19. Using Machine Learning to Detect Keystrokes
  20. Cryptographic Flaw in Libbitcoin Explorer Cryptocurrency Wallet
  21. The Inability to Simultaneously Verify Sentience, Location, and Identity
  22. China Hacked Japan’s Military Networks
Read This Issue →

July 15, 2023

In this issue:

  1. Security and Human Behavior (SHB) 2023
  2. Power LED Side-Channel Attack
  3. Ethical Problems in Computer Security
  4. AI as Sensemaking for Public Comments
  5. UPS Data Harvested for SMS Phishing Attacks
  6. Excel Data Forensics
  7. Typing Incriminating Evidence in the Memo Field
  8. Stalkerware Vendor Hacked
  9. Redacting Documents with a Black Sharpie Doesn’t Work
  10. The US Is Spying on the UN Secretary General
  11. Self-Driving Cars Are Surveillance Cameras on Wheels
  12. The Password Game
  13. Class-Action Lawsuit for Scraping Data without Permission
  14. Belgian Tax Hack
  15. The AI Dividend
  16. Wisconsin Governor Hacks the Veto Process
  17. Privacy of Printing Services
  18. Google Is Using Its Vast Data Stores to Train AI
  19. French Police Will Be Able to Spy on People through Their Cell Phones
  20. Buying Campaign Contributions as a Hack
Read This Issue →

June 15, 2023

In this issue:

  1. Micro-Star International Signing Key Stolen
  2. Microsoft Secure Boot Bug
  3. Security Risks of New .zip and .mov Domains
  4. Google Is Not Deleting Old YouTube Videos
  5. Credible Handwriting Machine
  6. Indiana, Iowa, and Tennessee Pass Comprehensive Privacy Laws
  7. On the Poisoning of LLMs
  8. Expeditionary Cyberspace Operations
  9. Brute-Forcing a Fingerprint Reader
  10. Chinese Hacking of US Critical Infrastructure
  11. On the Catastrophic Risk of AI
  12. Open-Source LLMs
  13. The Software-Defined Car
  14. Snowden Ten Years Later
  15. How Attorneys Are Harming Cybersecurity Incident Response
  16. Paragon Solutions Spyware: Graphite
  17. Operation Triangulation: Zero-Click iPhone Malware
  18. AI-Generated Steganography
  19. Identifying the Idaho Killer
  20. On the Need for an AI Public Option
Read This Issue →

May 15, 2023

In this issue:

  1. Swatting as a Service
  2. Using LLMs to Create Bioweapons
  3. EFF on the UN Cybercrime Treaty
  4. New Zero-Click Exploits against iOS
  5. Using the iPhone Recovery Key to Lock Owners Out of Their iPhones
  6. Hacking Pickleball
  7. UK Threatens End-to-End Encryption
  8. Cyberweapons Manufacturer QuaDream Shuts Down
  9. AI to Aid Democracy
  10. Security Risks of AI
  11. Hacking the Layoff Process
  12. NIST Draft Document on Post-Quantum Cryptography Guidance
  13. SolarWinds Detected Six Months Earlier
  14. Large Language Models and Elections
  15. AI Hacking Village at DEF CON This Year
  16. PIPEDREAM Malware against Industrial Control Systems
  17. FBI Disables Russian Malware
  18. Building Trustworthy AI
  19. Ted Chiang on the Risks of AI
  20. Upcoming Speaking Engagements
Read This Issue →

April 15, 2023

In this issue:

  1. NetWire Remote Access Trojan Maker Arrested
  2. How AI Could Write Our Laws
  3. Upcoming Speaking Engagements
  4. US Citizen Hacked by Spyware
  5. ChatGPT Privacy Flaw
  6. Mass Ransomware Attack
  7. Exploding USB Sticks
  8. A Hacker’s Mind News
  9. Hacks at Pwn2Own Vancouver 2023
  10. Security Vulnerabilities in Snipping Tools
  11. The Security Vulnerabilities of Message Interoperability
  12. Russian Cyberwarfare Documents Leaked
  13. UK Runs Fake DDoS-for-Hire Sites
  14. North Korea Hacking Cryptocurrency Sites with 3CX Exploit
  15. FBI (and Others) Shut Down Genesis Market
  16. Research on AI in Adversarial Settings
  17. LLMs and Phishing
  18. Car Thieves Hacking the CAN Bus
  19. FBI Advising People to Avoid Public Charging Stations
  20. Bypassing a Theft Threat Model
  21. Gaining an Advantage in Roulette
  22. Hacking Suicide
  23. Upcoming Speaking Engagements
Read This Issue →

March 15, 2023

In this issue:

  1. Camera the Size of a Grain of Salt
  2. ChatGPT Is Ingesting Corporate Secrets
  3. Defending against AI Lobbyists
  4. Fines as a Security System
  5. The Insecurity of Photo Cropping
  6. A Device to Turn Traffic Lights Green
  7. Cyberwar Lessons from the War in Ukraine
  8. Putting Undetectable Backdoors in Machine Learning Models
  9. Banning TikTok
  10. Side-Channel Attack against CRYSTALS-Kyber
  11. Fooling a Voice Authentication System with an AI-Generated Voice
  12. Dumb Password Rules
  13. Nick Weaver on Regulating Cryptocurrency
  14. New National Cybersecurity Strategy
  15. Prompt Injection Attacks on Large Language Models
  16. BlackLotus Malware Hijacks Windows Secure Boot Process
  17. Another Malware with Persistence
  18. Elephant Hackers
  19. NetWire Remote Access Trojan Maker Arrested
  20. How AI Could Write Our Laws
  21. Upcoming Speaking Engagements
Read This Issue →

February 15, 2023

In this issue:

  1. Hacked Cellebrite and MSAB Software Released
  2. The FBI Identified a Tor User
  3. AI and Political Lobbying
  4. Security Analysis of Threema
  5. Real-World Steganography
  6. Publisher’s Weekly Review of A Hacker’s Mind
  7. No-Fly List Exposed
  8. Bulk Surveillance of Money Transfers
  9. US Cyber Command Operations During the 2022 Midterm Elections
  10. On Alec Baldwin’s Shooting
  11. A Guide to Phishing Attacks
  12. Kevin Mitnick Hacked California Law in 1983
  13. NIST Is Updating Its Cybersecurity Framework
  14. Ransomware Payments Are Down
  15. Passwords Are Terrible (Surprising No One)
  16. AIs as Computer Hackers
  17. Manipulating Weights in Face-Recognition AI Systems
  18. A Hacker’s Mind News
  19. Attacking Machine Learning Systems
  20. Malware Delivered through Google Search
  21. SolarWinds and Market Incentives
  22. Mary Queen of Scots Letters Decrypted
  23. Hacking the Tax Code
  24. A Hacker’s Mind Is Now Published
  25. On Pig Butchering Scams
  26. What Will It Take?
  27. Upcoming Speaking Engagements
Read This Issue →

January 15, 2023

In this issue:

  1. A Security Vulnerability in the KmsdBot Botnet
  2. Apple Patches iPhone Zero-Day
  3. As Long as We’re on the Subject of CAPTCHAs
  4. How to Surrender to a Drone
  5. Trojaned Windows Installer Targets Ukraine
  6. Ukraine Intercepting Russian Soldiers’ Cell Phone Calls
  7. Critical Microsoft Code-Execution Vulnerability
  8. Hacking the JFK Airport Taxi Dispatch System
  9. LastPass Breach
  10. Arresting IT Administrators
  11. QR Code Scam
  12. Recovering Smartphone Voice from the Accelerometer
  13. Breaking RSA with a Quantum Computer
  14. Decarbonizing Cryptocurrencies through Taxation
  15. Remote Vulnerabilities in Automobiles
  16. Schneier on Security Audiobook Sale
  17. Identifying People Using Cell Phone Location Data
  18. ChatGPT-Written Malware
  19. Experian Privacy Vulnerability
  20. Threats of Machine-Generated Text
  21. Booklist Review of A Hacker’s Mind
  22. Upcoming Speaking Engagements
Read This Issue →
← 2022Calendar

Sidebar photo of Bruce Schneier by Joe MacInnis.