Tag Archives: encryption

As quantum computing threats loom, Microsoft updates its core crypto library

Getty Images reader comments 11 Microsoft has updated a key cryptographic library with two new encryption algorithms designed to withstand attacks from quantum computers. The updates were made last week to SymCrypt, a core cryptographic code library for handing cryptographic functions in Windows and Linux. The library, started in 2006, provides operations and algorithms developers… Read More: As quantum computing threats loom, Microsoft updates its core crypto… »

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

reader comments 118 The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-size device vulnerable to cloning when an attacker gains temporary physical access to it, researchers said Tuesday. The cryptographic flaw, known as a side channel, resides in a… Read More: YubiKeys are vulnerable to cloning attacks thanks to newly discovered… »

512-bit RSA key in home energy system gives control of “virtual power plant”

reader comments 78 When Ryan Castellucci recently acquired solar panels and a battery storage system for their home just outside of London, they were drawn to the ability to use an open source dashboard to monitor and control the flow of electricity being generated. Instead, they gained much, much more—some 200 megawatts of programmable capacity… Read More: 512-bit RSA key in home energy system gives control of… »

Proton is taking its privacy-first apps to a nonprofit foundation model

Getty Images reader comments 53 Proton, the secure-minded email and productivity suite, is becoming a nonprofit foundation, but it doesn’t want you to think about it in the way you think about other notable privacy and web foundations. “We believe that if we want to bring about large-scale change, Proton can’t be billionaire-subsidized (like Signal),… Read More: Proton is taking its privacy-first apps to a nonprofit foundation… »

7,000 LockBit decryption keys now in the hands of the FBI, offering victims hope

reader comments 9 The FBI is urging victims of one of the most prolific ransomware groups to come forward after agents recovered thousands of decryption keys that may allow the recovery of data that has remained inaccessible for months or years. The revelation, made Wednesday by a top FBI official, comes three months after an… Read More: 7,000 LockBit decryption keys now in the hands of the… »

Newly discovered ransomware uses BitLocker to encrypt victim data

reader comments 36 A previously unknown piece of ransomware, dubbed ShrinkLocker, encrypts victim data using the BitLocker feature built into the Windows operating system. BitLocker is a full-volume encryptor that debuted in 2007 with the release of Windows Vista. Users employ it to encrypt entire hard drives to prevent people from reading or modifying data… Read More: Newly discovered ransomware uses BitLocker to encrypt victim data »

Novel attack against virtually all VPN apps neuters their entire purpose

Getty Images reader comments 123 Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some or all traffic outside of the encrypted tunnel designed to protect it from snooping or tampering. TunnelVision, as the researchers have named their attack, largely negates the entire purpose and… Read More: Novel attack against virtually all VPN apps neuters their entire… »

Hackers infect users of antivirus service that delivered updates over HTTP

Getty Images reader comments 16 Hackers abused an antivirus service for five years in order to infect end users with malware. The attack worked because the service delivered updates over HTTP, a protocol vulnerable to attacks that corrupt or tamper with data as it travels over the Internet. The unknown hackers, who may have ties… Read More: Hackers infect users of antivirus service that delivered updates over… »

Hackers can read private AI assistant chats even though they’re encrypted

Aurich Lawson | Getty Images reader comments 22 AI assistants have been widely available for a little more than a year, and they already have access to our most private thoughts and business secrets. People ask them about becoming pregnant or terminating or preventing pregnancy, consult them when considering a divorce, seek information about drug… Read More: Hackers can read private AI assistant chats even though they’re… »

SSH protects the world’s most sensitive networks. It just got a lot weaker

Enlarge / Terrapin is coming for your data. Aurich Lawson | Getty Images reader comments 65 Sometime around the start of 1995, an unknown person planted a password sniffer on the network backbone of Finland’s Helsinki University of Technology (now known as Aalto University). Once in place, this piece of dedicated hardware surreptitiously inhaled thousands… Read More: SSH protects the world’s most sensitive networks. It just got… »