Recent Issues

July 15, 2024

In this issue:

  1. Using LLMs to Exploit Vulnerabilities
  2. Rethinking Democracy for the Age of AI
  3. The Hacking of Culture and the Creation of Socio-Technical Debt
  4. New Blog Moderation Policy
  5. Recovering Public Keys from Signatures
  6. Ross Anderson’s Memorial Service
  7. Paul Nakasone Joins OpenAI’s Board of Directors
  8. Breaking the M-209
  9. The US Is Banning Kaspersky
  10. Security Analysis of the EU’s Digital Wallet
  11. James Bamford on Section 702 Extension
  12. Model Extraction from Neural Networks
  13. Public Surveillance of Bars
  14. Upcoming Book on AI and Democracy
  15. New Open SSH Vulnerability
  16. On the CSRB’s Non-Investigation of the SolarWinds Attack
  17. Reverse-Engineering Ticketmaster’s Barcode System
  18. RADIUS Vulnerability
  19. Apple Is Alerting iPhone Users of Spyware Attacks
  20. The NSA Has a Long-Lost Lecture by Adm. Grace Hopper
  21. Upcoming Speaking Engagements
Read This Issue →

June 15, 2024

In this issue:

  1. Zero-Trust DNS
  2. FBI Seizes BreachForums Website
  3. IBM Sells Cybersecurity Group
  4. Detecting Malicious Trackers
  5. Unredacting Pixelated Text
  6. Personal AI Assistants and Privacy
  7. On the Zero-Day Market
  8. Lattice-Based Cryptosystems and Quantum Cryptanalysis
  9. Privacy Implications of Tracking Wireless Access Points
  10. Supply Chain Attack against Courtroom Software
  11. How AI Will Change Democracy
  12. AI Will Increase the Quantity—and Quality—of Phishing Scams
  13. Seeing Like a Data Structure
  14. Breaking a Password Manager
  15. Online Privacy and Overfishing
  16. Espionage with a Drone
  17. The Justice Department Took Down the 911 S5 Botnet
  18. Security and Human Behavior (SHB) 2024
  19. Exploiting Mistyped URLs
  20. LLMs Acting Deceptively
  21. Using AI for Political Polling
  22. AI and the Indian Election
  23. Demo of AES GCM Misuse Problems
  24. Upcoming Speaking Engagements
Read This Issue →

May 15, 2024

In this issue:

  1. New Lattice Cryptanalytic Technique
  2. X.com Automatically Changing Link Text but Not URLs
  3. Using AI-Generated Legislative Amendments as a Delaying Technique
  4. Other Attempts to Take Over Open Source Projects
  5. Using Legitimate GitHub URLs for Malware
  6. Microsoft and Security Incentives
  7. Dan Solove on Privacy Regulation
  8. The Rise of Large-Language-Model Optimization
  9. Long Article on GM Spying on Its Cars’ Drivers
  10. Whale Song Code
  11. WhatsApp in India
  12. AI Voice Scam
  13. The UK Bans Default Passwords
  14. Rare Interviews with Enigma Cryptanalyst Marian Rejewski
  15. My TED Talks
  16. New Lawsuit Attempting to Make Adversarial Interoperability Legal
  17. New Attack on VPNs
  18. How Criminals Are Using Generative AI
  19. New Attack Against Self-Driving Car AI
  20. LLMs’ Data-Control Path Insecurity
  21. Another Chrome Vulnerability
  22. Upcoming Speaking Engagements
Read This Issue →

April 15, 2024

In this issue:

  1. Improving C++
  2. Drones and the US Air Force
  3. AI and the Evolution of Social Media
  4. Cheating Automatic Toll Booths by Obscuring License Plates
  5. Public AI as an Alternative to Corporate AI
  6. Google Pays $10M in Bug Bounties in 2023
  7. Licensing AI Engineers
  8. On Secure Voting Systems
  9. Security Vulnerability in Saflok’s RFID-Based Keycard Locks
  10. Hardware Vulnerability in Apple’s M-Series Chips
  11. Lessons from a Ransomware Attack against the British Library
  12. Ross Anderson
  13. Magic Security Dust
  14. Declassified NSA Newsletters
  15. XZ Utils Backdoor
  16. Class-Action Lawsuit against Google’s Incognito Mode
  17. Surveillance by the New Microsoft Outlook App
  18. Maybe the Phone System Surveillance Vulnerabilities Will Be Fixed
  19. Security Vulnerability of HTML Emails
  20. US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack
  21. In Memoriam: Ross Anderson, 1956-2024
  22. Backdoor in XZ Utils That Almost Happened
  23. Smuggling Gold by Disguising it as Machine Parts
  24. Upcoming Speaking Engagements
Read This Issue →

March 15, 2024

In this issue:

  1. On the Insecurity of Software Bloat
  2. European Court of Human Rights Rejects Encryption Backdoors
  3. Microsoft Is Spying on Users of Its AI Tools
  4. Details of a Phone Scam
  5. New Image/Video Prompt Injection Attacks
  6. AIs Hacking Websites
  7. Apple Announces Post-Quantum Encryption Algorithms for iMessage
  8. China Surveillance Company Hacked
  9. A Cyber Insurance Backstop
  10. How the “Frontier” Became the Slogan of Uncontrolled AI
  11. NIST Cybersecurity Framework 2.0
  12. LLM Prompt Injection Worm
  13. The Insecurity of Video Doorbells
  14. Surveillance through Push Notifications
  15. How Public AI Can Strengthen Democracy
  16. A Taxonomy of Prompt Injection Attacks
  17. Essays from the Second IWORD
  18. Using LLMs to Unredact Text
  19. Jailbreaking LLMs with ASCII Art
  20. Burglars Using Wi-Fi Jammers to Disable Security Cameras
  21. Automakers Are Sharing Driver Data with Insurers without Consent
Read This Issue →

February 15, 2024

In this issue:

  1. Voice Cloning with Very Short Samples
  2. The Story of the Mirai Botnet
  3. Code Written with AI Assistants Is Less Secure
  4. Canadian Citizen Gets Phone Back from Police
  5. Speaking to the CIA’s Creative Writing Group
  6. Zelle Is Using My Name and Voice without My Consent
  7. AI Bots on X (Twitter)
  8. Side Channels Are Common
  9. Poisoning AI Models
  10. Quantum Computing Skeptics
  11. Chatbots and Human Conversation
  12. Microsoft Executives Hacked
  13. NSA Buying Bulk Surveillance Data on Americans without a Warrant
  14. New Images of Colossus Released
  15. CFPB’s Proposed Data Rules
  16. Facebook’s Extensive Surveillance Network
  17. A Self-Enforcing Protocol to Solve Gerrymandering
  18. David Kahn
  19. Deepfake Fraud
  20. Documents about the NSA’s Banning of Furby Toys in the 1990s
  21. Teaching LLMs to Be Deceptive
  22. On Software Liabilities
  23. No, Toothbrushes Were Not Used in a Massive DDoS Attack
  24. On Passkey Usability
  25. Molly White Reviews Blockchain Book
  26. A Hacker’s Mind is Out in Paperback
  27. Improving the Cryptanalysis of Lattice-Based Public-Key Algorithms
  28. Upcoming Speaking Engagements
Read This Issue →

January 15, 2024

In this issue:

  1. A Robot the Size of the World
  2. Police Get Medical Records without a Warrant
  3. OpenAI Is Not Training on Your Dropbox Documents — Today
  4. GCHQ Christmas Codebreaking Challenge
  5. Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists
  6. Data Exfiltration Using Indirect Prompt Injection
  7. Ben Rothke’s Review of A Hacker’s Mind
  8. Google Stops Collecting Location Data from Maps
  9. New iPhone Security Features to Protect Stolen Devices
  10. AI and Lossy Bottlenecks
  11. AI Is Scarily Good at Guessing the Location of Random Photos
  12. TikTok Editorial Analysis
  13. Facial Recognition Systems in the US
  14. New iPhone Exploit Uses Four Zero-Days
  15. Improving Shor’s Algorithm
  16. Second Interdisciplinary Workshop on Reimagining Democracy
  17. PIN-Stealing Android Malware
  18. Facial Scanning by Burger King in Brazil
  19. Pharmacies Giving Patient Records to Police without Warrants
  20. On IoT Devices and Software Liability
  21. Upcoming Speaking Engagements
Read This Issue →

December 15, 2023

In this issue:

  1. New SSH Vulnerability
  2. Leaving Authentication Credentials in Public Code
  3. FTC’s Voice Cloning Challenge
  4. Ransomware Gang Files SEC Complaint
  5. Using Generative AI for Surveillance
  6. Email Security Flaw Found in the Wild
  7. Apple to Add Manual Authentication to iMessage
  8. LitterDrifter USB Worm
  9. Chocolate Swiss Army Knife
  10. Secret White House Warrantless Surveillance Program
  11. Digital Car Keys Are Coming
  12. Breaking Laptop Fingerprint Sensors
  13. Extracting GPT’s Training Data
  14. AI Decides to Engage in Insider Trading
  15. AI and Trust
  16. AI and Mass Spying
  17. Security Analysis of a Thirteenth-Century Venetian Election Protocol
  18. Spying through Push Notifications
  19. New Bluetooth Attack
  20. Facebook Enables Messenger End-to-End Encryption by Default
  21. New Windows/Linux Firmware Attack
  22. Surveillance by the US Postal Service
  23. Surveillance Cameras Disguised as Clothes Hooks
Read This Issue →

November 15, 2023

In this issue:

  1. Coin Flips Are Biased
  2. Security Vulnerability of Switzerland’s E-Voting System
  3. Analysis of Intellexa’s Predator Spyware
  4. Former Uber CISO Appealing His Conviction
  5. AI and US Election Rules
  6. Child Exploitation and the Crypto Wars
  7. EPA Won’t Force Water Utilities to Audit Their Cybersecurity
  8. Microsoft is Soft-Launching Security Copilot
  9. New NSA Information from (and about) Snowden
  10. Messaging Service Wiretap Discovered through Expired TLS Cert
  11. Hacking Scandinavian Alcohol Tax
  12. The Future of Drone Warfare
  13. Spyware in India
  14. New York Increases Cybersecurity Rules for Financial Companies
  15. Crashing iPhones with a Flipper Zero
  16. Spaf on the Morris Worm
  17. Decoupling for Security
  18. Online Retail Hack
  19. The Privacy Disaster of Modern Smart Cars
  20. Ten Ways AI Will Change Democracy
  21. How .tk Became a TLD for Scammers
  22. Upcoming Speaking Engagements
Read This Issue →

October 15, 2023

In this issue:

  1. On Technologies for Automatic Facial Recognition
  2. LLM Summary of My Book Beyond Fear
  3. Using Hacked LastPass Keys to Steal Cryptocurrency
  4. Detecting AI-Generated Text
  5. On the Cybersecurity Jobs Shortage
  6. New Revelations from the Snowden Documents
  7. Signal Will Leave the UK Rather Than Add a Backdoor
  8. Critical Vulnerability in libwebp Library
  9. NSA AI Security Center
  10. Hacking Gas Pumps via Bluetooth
  11. Malicious Ads in Bing Chat
  12. Political Disinformation and AI
  13. Deepfake Election Interference in Slovakia
  14. AI Risks
  15. Model Extraction Attack on Neural Networks
  16. Cisco Can’t Stop Using Hard-Coded Passwords
  17. Bounty to Recover NIST’s Elliptic Curve Seeds
  18. Hacking the High School Grading System
Read This Issue →
← Earlier NewsletterLater Newsletter →

Sidebar photo of Bruce Schneier by Joe MacInnis.