Bruce Schneier – Page 37 – WindowsTechs.com

Improvements in Brute Force Attacks

Posted on March 17, 2025 by Bruce Schneier

New paper: “GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and TEA3.”

Abstract: Key lengths in symmetric cryptography are determined with respect to the brute force attacks with current technology. While nowadays at least 128-bit keys are recommended, there are many standards and real-world applications that use shorter keys. In order to estimate the actual threat imposed by using those short keys, precise estimates for attacks are crucial.

In this work we provide optimized implementations of several widely used algorithms on GPUs, leading to interesting insights on the cost of brute force attacks on several real-word applications…

Continue reading Improvements in Brute Force Attacks→

Friday Squid Blogging: SQUID Band

Posted on March 14, 2025 by Bruce Schneier

A bagpipe and drum band:
SQUID transforms traditional Bagpipe and Drum Band entertainment into a multi-sensory rush of excitement, featuring high energy bagpipes, pop music influences and visually stunning percussion!
As usual, you can also use this sq… Continue reading Friday Squid Blogging: SQUID Band→

Upcoming Speaking Engagements

Posted on March 14, 2025 by Bruce Schneier

This is a current list of where and when I am scheduled to speak:

I’m speaking at the Rossfest Symposium in Cambridge, UK, on March 25, 2025.
I’m speaking at the University of Toronto’s Rotman School of Management in Toronto, Canada, on Ap… Continue reading Upcoming Speaking Engagements→

TP-Link Router Botnet

Posted on March 14, 2025 by Bruce Schneier

There is a new botnet that is infecting TP-Link routers:

The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically. This high severity security flaw (tracked as CVE-2023-1389) has also been used to spread other malware families as far back as April 2023 when it was used in the Mirai botnet malware attacks. The flaw also linked to the Condi and AndroxGh0st malware attacks.

[…]

Of the thousands of infected devices, the majority of them are concentrated in Brazil, Poland, the United Kingdom, Bulgaria and Turkey; with the botnet targeting manufacturing, medical/healthcare, services and technology organizations in the United States, Australia, China and Mexico…

Continue reading TP-Link Router Botnet→

RIP Mark Klein

Posted on March 13, 2025 by Bruce Schneier

2006 AT&T whistleblower Mark Klein has died.
Continue reading RIP Mark Klein→

China, Russia, Iran, and North Korea Intelligence Sharing

Posted on March 12, 2025 by Bruce Schneier

Former CISA Director Jen Easterly writes about a new international intelligence sharing co-op:

Historically, China, Russia, Iran & North Korea have cooperated to some extent on military and intelligence matters, but differences in language, culture, politics & technological sophistication have hindered deeper collaboration, including in cyber. Shifting geopolitical dynamics, however, could drive these states toward a more formalized intell-sharing partnership. Such a “Four Eyes” alliance would be motivated by common adversaries and strategic interests, including an enhanced capacity to resist economic sanctions and support proxy conflicts…

Continue reading China, Russia, Iran, and North Korea Intelligence Sharing→

Silk Typhoon Hackers Indicted

Posted on March 11, 2025 by Bruce Schneier

Lots of interesting details in the story:

The US Department of Justice on Wednesday announced the indictment of 12 Chinese individuals accused of more than a decade of hacker intrusions around the world, including eight staffers for the contractor i-Soon, two officials at China’s Ministry of Public Security who allegedly worked with them, and two other alleged hackers who are said to be part of the Chinese hacker group APT27, or Silk Typhoon, which prosecutors say was involved in the US Treasury breach late last year.

[…]

According to prosecutors, the group as a whole has targeted US state and federal agencies, foreign ministries of countries across Asia, Chinese dissidents, US-based media outlets that have criticized the Chinese government, and most recently the US Treasury, which was breached between September and December of last year. An internal Treasury report …

Continue reading Silk Typhoon Hackers Indicted→

Thousands of WordPress Websites Infected with Malware

Posted on March 10, 2025 by Bruce Schneier

The malware includes four separate backdoors:

Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed. A unique case we haven’t seen before. Which introduces another type of attack made possibly by abusing websites that don’t monitor 3rd party dependencies in the browser of their users.

The four backdoors:

The functions of the four backdoors are explained below:

Backdoor 1, which uploads and installs a fake plugin named “Ultra SEO Processor,” which is then used to execute attacker-issued commands
…

Continue reading Thousands of WordPress Websites Infected with Malware→

Friday Squid Blogging: Squid Loyalty Cards

Posted on March 7, 2025 by Bruce Schneier

Squid is a loyalty card platform in Ireland.
Blog moderation policy.
Continue reading Friday Squid Blogging: Squid Loyalty Cards→

Rayhunter: Device to Detect Cellular Surveillance

Posted on March 7, 2025 by Bruce Schneier

The EFF has created an open-source hardware tool to detect IMSI catchers: fake cell phone towers that are used for mass surveillance of an area.
It runs on a $20 mobile hotspot.
Continue reading Rayhunter: Device to Detect Cellular Surveillance→