Every time I think about doing a monthly roundup of security issues I’m reminded of how good Bruce’s is.

In this issue:

  1. NSA Attacks Against Virtual Private Networks
  2. Public Shaming of Companies for Bad Security
  3. Pegasus Spyware Used in 45 Countries
  4. Security Vulnerability in ESS ExpressVote Touchscreen Voting Computer
  5. AES Resulted in a $250-Billion Economic Benefit
  6. New Findings About Prime Number Distribution Almost Certainly Irrelevant to Cryptography
  7. New Variants of Cold-Boot Attack
  8. Evidence for the Security of PKCS #1 Digital Signatures
  9. Counting People through a Wall with Wi-Fi
  10. Yet Another IoT Cybersecurity Document
  11. Major Tech Companies Finally Endorse Federal Privacy Regulation
  12. More on the Five Eyes Statement on Encryption and Backdoors
  13. Facebook Is Using Your Two-Factor Authentication Phone Number to Target Advertising
  14. Sophisticated Voice Phishing Scams
  15. Terahertz Millimeter-Wave Scanners
  16. The Effects of GDPR’s 72-Hour Notification Rule
  17. Helen Nissenbaum on Data Privacy and Consent
  18. Chinese Supply Chain Hardware Attack
  19. Conspiracy Theories around the “Presidential Alert”
  20. Detecting Credit Card Skimmers
  21. Defeating the “Deal or No Deal” Arcade Game
  22. The US National Cyber Strategy
  23. Access Now Is Looking for a Chief Security Officer
  24. Security Vulnerabilities in US Weapons Systems
  25. Another Bloomberg Story about Supply-Chain Hardware Attacks from China
  26. Security in a World of Physically Capable Computers
  27. Upcoming Speaking Engagements

Here’s this month’s web version of it. Good Hunting.