Posts

Schneier - Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at DemocracyXChange 2026 in Toronto, Ontario, Canada, on April 18, 2026. I’m speaking at the SANS AI Cybersecurity Summit 2026 in Arlington, Virginia, USA, at 9:40 AM ET on April 20, 2026. I’m speaking at the Nemertes [Next] Virtual Conference Spring 2026 , a virtual event, on April 29, 2026. I’m speaking at RightsCon 2026 in Lusaka, Zambia, on May 6 and 7, 2026. I’m giving a keynote address and participating in a panel discussion at an ICTLuxembourg event called “ Europe at the Crossroads of AI, Power & the Future of Democracy .” The event will be held at the University of Luxembourg’s Belval Campus on May 12, 2026. I’m speaking at the Potsdam Conference on National Cybersecurity  at the Hasso Plattner Institut in Potsdam, Germany. The event runs June 24–25, 2026, and my talk will be the evening of June 24. The list is maintained on this page . from Schneier on Security https://www.sc...
Post a Comment
Read more

The Axios Compromise

Image
This is probably the best article on this that I've seen:  Compromised axios npm package delivers cross-platform RAT
Post a Comment
Read more

The Hacker News - Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security

Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-safe code at a more foundational level. "The new Rust-based DNS parser significantly reduces our security risk by mitigating an entire class of vulnerabilities in a risky area, while also laying from The Hacker News https://thehackernews.com/2026/04/google-adds-rust-based-dns-parser-into.html
Post a Comment
Read more

KnowBe4 - New KnowBe4 Agent Risk Manager Addresses Pervasive AI Agent Risk

Image
By Roger A. Grimes and Matthew Duren from Human Risk Management Blog https://blog.knowbe4.com/agent-risk-manager-ai-security
Post a Comment
Read more

The Hacker News - Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads

A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, Messenger, and Threads through advertisements on Meta. "Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real from The Hacker News https://thehackernews.com/2026/04/mirax-android-rat-turns-devices-into.html
Post a Comment
Read more

Schneier - How Hackers Are Thinking About AI

Interesting paper: “ What hackers talk about when they talk about AI: Early-stage diffusion of a cybercrime innovation. ” Abstract: The rapid expansion of artificial intelligence (AI) is raising concerns about its potential to transform cybercrime. Beyond empowering novice offenders, AI stands to intensify the scale and sophistication of attacks by seasoned cybercriminals. This paper examines the evolving relationship between cybercriminals and AI using a unique dataset from a cyber threat intelligence platform. Analyzing more than 160 cybercrime forum conversations collected over seven months, our research reveals how cybercriminals understand AI and discuss how they can exploit its capabilities. Their exchanges reflect growing curiosity about AI’s criminal applications through legal tools and dedicated criminal tools, but also doubts and anxieties about AI’s effectiveness and its effects on their business models and operational security. The study documents attempts to misuse legi...
Post a Comment
Read more

The Hacker News - Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: while raw alert volume grew by 52% year-over-year, prioritized critical risk grew by nearly 400%. The surge in AI-assisted development is creating a "velocity gap" where the density of high-impact vulnerabilities is scaling faster than from The Hacker News https://thehackernews.com/2026/04/analysis-of-216m-security-findings.html
Post a Comment
Read more