Tagged: schneier on security

Disguising Exfiltrated Data 0

Disguising Exfiltrated Data

There’s an interesting article on a data exfiltration technique. What was unique about the attackers was how they disguised traffic between the malware and command-and-control servers using Google Developers and the public Domain Name System (DNS) service of Hurricane Electric, based in Fremont, Calif

US Air Force is Focusing on Cyber Deception 0

US Air Force is Focusing on Cyber Deception

The US Air Force is focusing on cyber deception next year: Background: Deception is a deliberate act to conceal activity on our networks, create uncertainty and confusion against the adversary’s efforts to establish situational awareness and to influence and misdirect adversary perceptions and decision processes. Military deception is defined as “those actions executed to deliberately mislead adversary decision makers as to friendly military capabilities, intentions, and operations, thereby causing the adversary to take specific actions (or inactions) that will contribute to the accomplishment of the friendly mission.” Military forces have historically used techniques such as camouflage, feints, chaff, jammers, fake equipment, false messages or traffic to alter an enemy’s perception of reality. Modern day military planners need a capability that goes beyond the current state-of-the-art in cyber deception to provide a system or systems that can be employed by a commander when needed to enable deception to be inserted into defensive cyber operations.

Eavesdropping by Visual Vibrations 0

Eavesdropping by Visual Vibrations

Researchers are able to recover sound through soundproof glass by recording the vibrations of a plastic bag. Researchers at MIT, Microsoft, and Adobe have developed an algorithm that can reconstruct an audio signal by analyzing minute vibrations of objects depicted in video

The US Intelligence Community has a Third Leaker 0

The US Intelligence Community has a Third Leaker

Ever since The Intercept published this story about the US government’s Terrorist Screening Database, the press has been writing about a “second leaker”: The Intercept article focuses on the growth in U.S. government databases of known or suspected terrorist names during the Obama administration. The article cites documents prepared by the National Counterterrorism Center dated August 2013, which is after Snowden left the United States to avoid criminal charges.

Former NSA Director Patenting Computer Security Techniques 0

Former NSA Director Patenting Computer Security Techniques

Former NSA Director Keith Alexander is patenting a variety of techniques to protect computer networks. We’re supposed to believe that he developed these on his own time and they have nothing to do with the work he did at the NSA, except for the parts where they obviously did and therefore are worth $1 million per month for companies to license