Profile

unixronin: Galen the technomage, from Babylon 5: Crusade (Default)
Unixronin

Links

December 2012

S M T W T F S
      1
2345678
9101112131415
16171819202122
23242526272829
3031     

Navigation

Page Summary

Most Popular Tags

Expand Cut Tags

No cut tags

Backdoor in Notepad++

[syndicated profile] bruce_schneier_feed
Thursday, February 5th, 2026 12:00 pm

Posted by Bruce Schneier

https://www.schneier.com/blog/archives/2026/02/backdoor-in-notepad.html

https://www.schneier.com/?p=71556

Hackers associated with the Chinese government used a Trojaned version of Notepad++ to deliver malware to selected users.

Notepad++ said that officials with the unnamed provider hosting the update infrastructure consulted with incident responders and found that it remained compromised until September 2. Even then, the attackers maintained credentials to the internal services until December 2, a capability that allowed them to continue redirecting selected update traffic to malicious servers. The threat actor “specifically targeted Notepad++ domain with the goal of exploiting insufficient update verification controls that existed in older versions of Notepad++.” Event logs indicate that the hackers tried to re-exploit one of the weaknesses after it was fixed but that the attempt failed.

Make sure you’re running at least version 8.9.1.

https://www.schneier.com/blog/archives/2026/02/backdoor-in-notepad.html

https://www.schneier.com/?p=71556

US Declassifies Information on JUMPSEAT Spy Satellites

[syndicated profile] bruce_schneier_feed
Wednesday, February 4th, 2026 12:02 pm

Posted by Bruce Schneier

https://www.schneier.com/blog/archives/2026/02/us-declassifies-information-on-jumpseat-spy-satellites.html

https://www.schneier.com/?p=71552

The US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971 and 2006.

I’m actually impressed to see a declassification only two decades after decommission.

https://www.schneier.com/blog/archives/2026/02/us-declassifies-information-on-jumpseat-spy-satellites.html

https://www.schneier.com/?p=71552

Minor operations; testing new serving path

mark: A photo of Mark kneeling on top of the Taal Volcano in the Philippines. It was a long hike. (Default)
[staff profile] mark[site community profile] dw_maintenance
Tuesday, February 3rd, 2026 10:25 pm

Hi all!

I'm doing some minor operational work tonight. It should be transparent, but there's always a chance that something goes wrong. The main thing I'm touching is testing a replacement for Apache2 (our web server software) in one area of the site.

Thank you!

Microsoft is Giving the FBI BitLocker Keys

[syndicated profile] bruce_schneier_feed
Tuesday, February 3rd, 2026 12:05 pm

Posted by Bruce Schneier

https://www.schneier.com/blog/archives/2026/02/microsoft-is-giving-the-fbi-bitlocker-keys.html

https://www.schneier.com/?p=71550

Microsoft gives the FBI the ability to decrypt BitLocker in response to court orders: about twenty times per year.

It’s possible for users to store those keys on a device they own, but Microsoft also recommends BitLocker users store their keys on its servers for convenience. While that means someone can access their data if they forget their password, or if repeated failed attempts to login lock the device, it also makes them vulnerable to law enforcement subpoenas and warrants.

https://www.schneier.com/blog/archives/2026/02/microsoft-is-giving-the-fbi-bitlocker-keys.html

https://www.schneier.com/?p=71550

AI Coding Assistants Secretly Copying All Code to China

[syndicated profile] bruce_schneier_feed
Monday, February 2nd, 2026 12:05 pm

Posted by Bruce Schneier

https://www.schneier.com/blog/archives/2026/02/ai-coding-assistants-secretly-copying-all-code-to-china.html

https://www.schneier.com/?p=71544

There’s a new report about two AI coding assistants, used by 1.5 million developers, that are surreptitiously sending a copy of everything they ingest to China.

Maybe avoid using them.

https://www.schneier.com/blog/archives/2026/02/ai-coding-assistants-secretly-copying-all-code-to-china.html

https://www.schneier.com/?p=71544

Rabbit! Rabbit! Rabbit!

wcg: (Default)
[personal profile] wcg
Sunday, February 1st, 2026 12:01 am
 
Happy Kalends of Febriarias!  Are you ready for Lupercalia?

Friday Squid Blogging: New Squid Species Discovered

[syndicated profile] bruce_schneier_feed
Friday, January 30th, 2026 10:05 pm

Posted by Bruce Schneier

https://www.schneier.com/blog/archives/2026/01/friday-squid-blogging-new-squid-species-discovered.html

https://www.schneier.com/?p=71515

A new species of squid. pretends to be a plant:

Scientists have filmed a never-before-seen species of deep-sea squid burying itself upside down in the seafloor—a behavior never documented in cephalopods. They captured the bizarre scene while studying the depths of the Clarion-Clipperton Zone (CCZ), an abyssal plain in the Pacific Ocean targeted for deep-sea mining.

The team described the encounter in a study published Nov. 25 in the journal Ecology, writing that the animal appears to be an undescribed species of whiplash squid. At a depth of roughly 13,450 feet (4,100 meters), the squid had buried almost its entire body in sediment and was hanging upside down, with its siphon and two long tentacles held rigid above the seafloor.

“The fact that this is a squid and it’s covering itself in mud—it’s novel for squid and the fact that it is upside down,” lead author Alejandra Mejía-Saenz, a deep-sea ecologist at the Scottish Association for Marine Science, told Live Science. “We had never seen anything like that in any cephalopods…. It was very novel and very puzzling.”

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

https://www.schneier.com/blog/archives/2026/01/friday-squid-blogging-new-squid-species-discovered.html

https://www.schneier.com/?p=71515

AIs Are Getting Better at Finding and Exploiting Security Vulnerabilities

[syndicated profile] bruce_schneier_feed
Friday, January 30th, 2026 03:35 pm

Posted by Bruce Schneier

https://www.schneier.com/blog/archives/2026/01/ais-are-getting-better-at-finding-and-exploiting-security-vulnerabilities.html

https://www.schneier.com/?p=71541

From an Anthropic blog post:

In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to the use of AI in relatively autonomous cyber workflows are rapidly coming down, and highlights the importance of security fundamentals like promptly patching known vulnerabilities.

[…]

A notable development during the testing of Claude Sonnet 4.5 is that the model can now succeed on a minority of the networks without the custom cyber toolkit needed by previous generations. In particular, Sonnet 4.5 can now exfiltrate all of the (simulated) personal information in a high-fidelity simulation of the Equifax data breach—one of the costliest cyber attacks in history­­using only a Bash shell on a widely-available Kali Linux host (standard, open-source tools for penetration testing; not a custom toolkit). Sonnet 4.5 accomplishes this by instantly recognizing a publicized CVE and writing code to exploit it without needing to look it up or iterate on it. Recalling that the original Equifax breach happened by exploiting a publicized CVE that had not yet been patched, the prospect of highly competent and fast AI agents leveraging this approach underscores the pressing need for security best practices like prompt updates and patches.

AI models are getting better at this faster than I expected. This will be a major power shift in cybersecurity.

https://www.schneier.com/blog/archives/2026/01/ais-are-getting-better-at-finding-and-exploiting-security-vulnerabilities.html

https://www.schneier.com/?p=71541

The Constitutionality of Geofence Warrants

[syndicated profile] bruce_schneier_feed
Tuesday, January 27th, 2026 12:01 pm

Posted by Bruce Schneier

https://www.schneier.com/blog/archives/2026/01/the-constitutionality-of-geofence-warrants.html

https://www.schneier.com/?p=71530

The US Supreme Court is considering the constitutionality of geofence warrants.

The case centers on the trial of Okello Chatrie, a Virginia man who pleaded guilty to a 2019 robbery outside of Richmond and was sentenced to almost 12 years in prison for stealing $195,000 at gunpoint.

Police probing the crime found security camera footage showing a man on a cell phone near the credit union that was robbed and asked Google to produce anonymized location data near the robbery site so they could determine who committed the crime. They did so, providing police with subscriber data for three people, one of whom was Chatrie. Police then searched Chatrie’s home and allegedly surfaced a gun, almost $100,000 in cash and incriminating notes.

Chatrie’s appeal challenges the constitutionality of geofence warrants, arguing that they violate individuals’ Fourth Amendment rights protecting against unreasonable searches.

https://www.schneier.com/blog/archives/2026/01/the-constitutionality-of-geofence-warrants.html

https://www.schneier.com/?p=71530

Ireland Proposes Giving Police New Digital Surveillance Powers

[syndicated profile] bruce_schneier_feed
Monday, January 26th, 2026 12:04 pm

Posted by Bruce Schneier

https://www.schneier.com/blog/archives/2026/01/ireland-proposes-giving-police-new-digital-surveillance-powers.html

https://www.schneier.com/?p=71527

This is coming:

The Irish government is planning to bolster its police’s ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use.

https://www.schneier.com/blog/archives/2026/01/ireland-proposes-giving-police-new-digital-surveillance-powers.html

https://www.schneier.com/?p=71527

Friday Squid Blogging: Giant Squid in the Star Trek Universe

[syndicated profile] bruce_schneier_feed
Friday, January 23rd, 2026 10:03 pm

Posted by Bruce Schneier

https://www.schneier.com/blog/archives/2026/01/friday-squid-blogging-giant-squid-in-the-star-trek-universe.html

https://www.schneier.com/?p=71512

Spock befriends a giant space squid in the comic Star Trek: Strange New Worlds: The Seeds of Salvation #5.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

https://www.schneier.com/blog/archives/2026/01/friday-squid-blogging-giant-squid-in-the-star-trek-universe.html

https://www.schneier.com/?p=71512

AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities

[syndicated profile] bruce_schneier_feed
Friday, January 23rd, 2026 12:01 pm

Posted by Bruce Schneier

https://www.schneier.com/blog/archives/2026/01/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities.html

https://www.schneier.com/?p=71510

Really interesting blog post from Anthropic:

In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to the use of AI in relatively autonomous cyber workflows are rapidly coming down, and highlights the importance of security fundamentals like promptly patching known vulnerabilities.

[…]

A notable development during the testing of Claude Sonnet 4.5 is that the model can now succeed on a minority of the networks without the custom cyber toolkit needed by previous generations. In particular, Sonnet 4.5 can now exfiltrate all of the (simulated) personal information in a high-fidelity simulation of the Equifax data breach—­one of the costliest cyber attacks in history—­using only a Bash shell on a widely-available Kali Linux host (standard, open-source tools for penetration testing; not a custom toolkit). Sonnet 4.5 accomplishes this by instantly recognizing a publicized CVE and writing code to exploit it without needing to look it up or iterate on it. Recalling that the original Equifax breach happened by exploiting a publicized CVE that had not yet been patched, the prospect of highly competent and fast AI agents leveraging this approach underscores the pressing need for security best practices like prompt updates and patches.

Read the whole thing. Automatic exploitation will be a major change in cybersecurity. And things are happening fast. There have been significant developments since I wrote this in October.

https://www.schneier.com/blog/archives/2026/01/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities.html

https://www.schneier.com/?p=71510

There are no earlier entries to display. This page displays only the most recent 1000 entries posted within the last 14 days.