The Present and Future of TV Surveillance
Ars Technica has a good article on what’s happening in the world of television surveillance. More than even I realized.
Page 51
US Federal Court Rules Against Geofence Warrants
This is a big deal. A US Appeals Court ruled that geofence warrants—these are general warrants demanding information about all people within a geographical boundary—are unconstitutional.
The decision seems obvious to me, but you can’t take anything for granted.
Friday Squid Blogging: Self-Healing Materials from Squid Teeth
Making self-healing materials based on the teeth in squid suckers.
Take a Selfie Using a NY Surveillance Camera
This site will let you take a selfie with a New York City traffic surveillance camera.
EDITED TO ADD: BoingBoing post.
Surveillance Watch
This is a fantastic project mapping the global surveillance industry.
Story of an Undercover CIA Officer who Penetrated Al Qaeda
Rolling Stone has a long investigative story (non-paywalled version here) about a CIA officer who spent years posing as an Islamic radical.
Unrelated, but also in the “real life spies” file: a fake Sudanese diving resort run by Mossad.
Hacking Wireless Bicycle Shifters
This is yet another insecure Internet-of-things story, this one about wireless gear shifters for bicycles. These gear shifters are used in big-money professional bicycle races like the Tour de France, which provides an incentive to actually implement this attack.
Research paper. Another news story.
Slashdot thread.
The State of Ransomware
Palo Alto Networks published its semi-annual report on ransomware. From the Executive Summary:
Unit 42 monitors ransomware and extortion leak sites closely to keep tabs on threat activity. We reviewed compromise announcements from 53 dedicated leak sites in the first half of 2024 and found 1,762 new posts. This averages to approximately 294 posts a month and almost 68 posts a week. Of the 53 ransomware groups whose leak sites we monitored, six of the groups accounted for more than half of the compromises observed.
In February, we reported a 49% increase year-over-year in alleged victims posted on ransomware leak sites. So far, in 2024, comparing the first half of 2023 to the first half of 2024, we see an even further increase of 4.3%. The higher level of activity observed in 2023 was no fluke.
Activity from groups like Ambitious Scorpius (distributors of BlackCat) and Flighty Scorpius (distributors of LockBit) has largely fallen off due to law enforcement operations. However, other threat groups we track such as Spoiled Scorpius (distributors of RansomHub) and Slippery Scorpius (distributors of DragonForce) have joined the fray to fill the void.
Friday Squid Blog: The Market for Squid Oil Is Growing
How did I not know before now that there was a market for squid oil?
The squid oil market has experienced robust growth in recent years, expanding from $4.56 billion in 2023 to $4.94 billion in 2024 at a compound annual growth rate (CAGR) of 8.5%. The growth in the historic period can be attributed to global market growth, alternative to fish oil, cosmetics and skincare industry, sustainability practices, regulatory influence.
New Windows IPv6 Zero-Click Vulnerability
The press is reporting a critical Windows vulnerability affecting IPv6.
As Microsoft explained in its Tuesday advisory, unauthenticated attackers can exploit the flaw remotely in low-complexity attacks by repeatedly sending IPv6 packets that include specially crafted packets.
Microsoft also shared its exploitability assessment for this critical vulnerability, tagging it with an “exploitation more likely” label, which means that threat actors could create exploit code to “consistently exploit the flaw in attacks.”
Details are being withheld at the moment. Microsoft strongly recommends patching now.
Sidebar photo of Bruce Schneier by Joe MacInnis.