Showing only posts in Bruce Schneier. Show all posts.

Criminal Gang Physically Assaulting People for Their Cryptocurrency

Source

This is pretty horrific :...a group of men behind a violent crime spree designed to compel victims to hand over access to their cryptocurrency savings. That announcement and the criminal complaint laying out charges against St. Felix focused largely on a single theft of cryptocurrency from an elderly North …

Cloudflare Reports that Almost 7% of All Internet Traffic Is Malicious

Source

6.8%, to be precise. From ZDNet : However, Distributed Denial of Service (DDoS) attacks continue to be cybercriminals’ weapon of choice, making up over 37% of all mitigated traffic. The scale of these attacks is staggering. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique …

Hacking Scientific Citations

Source

Some scholars are inflating their reference counts by sneaking them into metadata: Citations of scientific work abide by a standardized referencing system: Each reference explicitly mentions at least the title, authors’ names, publication year, journal or conference name, and page numbers of the cited publication. These details are stored …

RADIUS Vulnerability

Source

New attack against the RADIUS authentication protocol: The Blast-RADIUS attack allows a man-in-the-middle attacker between the RADIUS client and server to forge a valid protocol accept message in response to a failed authentication request. This forgery could give the attacker access to network devices and services without the attacker …

Reverse-Engineering Ticketmaster’s Barcode System

Source

Interesting : By reverse-engineering how Ticketmaster and AXS actually make their electronic tickets, scalpers have essentially figured out how to regenerate specific, genuine tickets that they have legally purchased from scratch onto infrastructure that they control. In doing so, they are removing the anti-scalping restrictions put on the tickets by …

Model Extraction from Neural Networks

Source

A new paper, “Polynomial Time Cryptanalytic Extraction of Neural Network Models,” by Adi Shamir and others, uses ideas from differential cryptanalysis to extract the weights inside a neural network using specific queries and their results. This is much more theoretical than practical, but it’s a really interesting result …

« newer articles | page 6 | older articles »