Welcome – New England Safety Partners, LLC

Leaking Screen Information on Zoom Calls through Reflections in Eyeglasses

September 23, 2022 Welcome Bruce Schneier 0

Okay, it’s an obscure threat. But people are researching it:

Our models and experimental results in a controlled lab setting show it is possible to reconstruct and recognize with over 75 percent accuracy on-screen texts that have heights as small as 10 mm with a 720p webcam.” That corresponds to 28 pt, a font size commonly used for headings and small headlines.
[…]
Being able to read reflected headline-size text isn’t quite the privacy and security problem of being able to read smaller 9 to 12 pt fonts. But this technique is expected to provide access to smaller font sizes as high-resolution webcams become more common…

CISA Releases Eight industrial Control Systems Advisories

September 19, 2022 Welcome CISA 0

Original release date: September 19, 2022 | Last revised: September 20, 2022CISA has released eight (8) Industrial Control Systems (ICS) advisories on September 20, 2022. These advisories provide timely information about current security issues, vulner…

CISA Releases Eleven Industrial Control Systems Advisories

September 15, 2022 Welcome CISA 0

Original release date: September 15, 2022CISA has released eleven (11) Industrial Control Systems (ICS) advisories on September 15, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surroundi…

CISA Releases Four Industrial Control Systems Advisories

September 8, 2022 Welcome CISA 0

Original release date: September 8, 2022CISA released four Industrial Control Systems (ICS) advisories on September 08, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CIS…

CISA Releases Five Industrial Control Systems Advisories

September 6, 2022 Welcome CISA 0

Original release date: September 6, 2022CISA has released five Industrial Control Systems (ICS) advisories on September 06, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
…

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

September 4, 2022 Welcome BrianKrebs 0

A 21-year-old New Jersey man has been arrested and charged with stalking in connection with a federal investigation into groups of cybercriminals who are settling scores by hiring people to carry out physical attacks on their rivals. Prosecutors say the defendant recently participated in several of these schemes — including firing a handgun into a Pennsylvania home and torching a residence in another part of the state with a Molotov Cocktail.

Friday Squid Blogging: Squid Images

September 2, 2022 Welcome Bruce Schneier 0

iStock has over 13,000 royalty-free images of squid.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.

Signal Phone Numbers Exposed in Twilio Hack

August 23, 2022 Welcome Bruce Schneier 0

Twilio was hacked earlier this month, and the phone numbers of 1,900 Signal users were exposed:

Here’s what our users need to know:
All users can rest assured that their message history, contact lists, profile information, whom they’d blocked, and other personal data remain private and secure and were not affected.
For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal. This attack has since been shut down by Twilio. 1,900 users is a very small percentage of Signal’s total users, meaning that most were not affected…

CISA releases 5 Industrial Control Systems Advisories

August 18, 2022 Welcome CISA 0

Original release date: August 18, 2022CISA has released 5 Industrial Control Systems (ICS) advisories on August 18, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA en…

$23 Million YouTube Royalties Scam

August 15, 2022 Welcome Bruce Schneier 0

Scammers were able to convince YouTube that other peoples’ music was their own. They successfully stole $23 million before they were caught.

No one knows how common this scam is, and how much money total is being stolen in this way. Presumably this is not an uncommon fraud.

While the size of the heist and the breadth of the scheme may be very unique, it’s certainly a situation that many YouTube content creators have faced before. YouTube’s Content ID system, meant to help creators, has been weaponized by bad faith actors in order to make money off content that isn’t theirs. While some false claims are just mistakes caused by automated systems, the MediaMuv case is a perfect example of how fraudsters are also purposefully taking advantage of digital copyright rules…

1 2 3 … 17 »

Category: Welcome