Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang “going dark”
Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang “going dark”
The small pyjama squid (Sepioloidea lineolata) produces toxic slime, “a rare example of a poisonous predatory mollusc.”
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Last updated at Fri, 02 May 2025 19:38:42 GMT Meterpreter Extended API Clipboard Monitoring Security is hard, and Open Source […]
Sooner or later, it’s going to happen. AI systems will start acting as agents, doing things on our behalf with some degree of autonomy. I think it’s worth thinking about the security of that now, while its still a nascent idea.
In 2019, I joined Inrupt, a company that is commercializing Tim Berners-Lee’s open protocol for distributed data ownership. We are working on a digital wallet that can make use of AI in this way. (We used to call it an “active wallet.” Now we’re calling it an “agentic wallet.”)
I talked about this a bit at the RSA Conference…
UK luxury department store Harrods discloses attempted cyberattack. Ascension Health discloses another breach. California man pleads guilty to stealing Disney data.
The US Cybersecurity and Infrastructure Security Agency has added two flaws affecting SonicWall products to its catalog of Known Exploited Vulnerabilities
NSC’s Alexei Bulazel said that failing to robustly respond to constant Chinese intrusions into critical infrastructure is in itself “escalatory”
The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography.” It includes things like homomorphic encryption, attribute-based encryption, zero-knowledge proofs, and secure multiparty computation.
It’s full of good advice. I especially appreciate this warning:
When deciding whether to use Advanced Cryptography, start with a clear articulation of the problem, and use that to guide the development of an appropriate solution. That is, you should not start with an Advanced Cryptography technique, and then attempt to fit the functionality it provides to the problem. …
FIDO Alliance found an uptick in awareness and takeup of passkeys as an alternative method to passwords
UK retailers including Harrods, M&S, and the Co-op are under a surge of cyber-attacks that may be linked by a common supplier or shared technological vulnerability