Custom search

Police Crack Comms to Bust Money Laundering Group

Case relied on decrypting Sky ECC messages

The Hacker News

Google Introduces First Quantum Resilient FIDO2 Security Key

Google introduces Quantum-Resilient FIDO2 Security Key. Learn about the ECC/Dilithium hybrid signature schema that enhances security against quantum

Bleeping Computer

Google released first quantum-resilient FIDO2 key implementation

Google has announced the first open-source quantum resilient FIDO2 security key implementation, which uses a unique ECC/Dilithium hybrid signature schema co-created with ETH Zurich.

Bleeping Computer

Windows 11 makes TPM Diagnostics tool its first optional feature

Windows 11 comes with a new optional feature called 'TPM Diagnostics' that allows administrators to query the data stored on a device's TPM security processor.

PCMag

4 months ago

Iranian Allegedly Used Encrypted App to Hire Contract Killers in US

While using the encrypted app Sky Global, Iranian Naji Sharifi-Zindashti conspired with a Hells Angels member to kill two Maryland residents, the US says.

SC Magazine

Apple upgrades iMessage encryption with post-quantum cryptography

The feature will roll out publicly with iOS 17.4 in March and is already available in beta.

Bleeping Computer

EncroChat takedown led to 6,500 arrests and $979 million seized

Europol announced today that the takedown of the EncroChat encrypted mobile communications platform has led to the arrest of over 6,600 people and the seizure of $979 million in illicit funds.

Security Affairs

EncroChat dismantling led to 6,558 arrests and the seizure of $979M in criminal funds

Europol announced that the takedown of the EncroChat encrypted chat network has led to the arrest of 6,558 people and the seizure of $979 million in illicit funds. Europol announced that the dismantling of the encrypted chat network EncroChat has led to the arrest of over 6,558 individuals worldwide and the seizure of $979 million […]

Bleeping Computer

Babuk ransomware's full source code leaked on hacker forum

A threat actor has leaked the complete source code for the Babuk ransomware on a Russian-speaking hacking forum.

Bleeping Computer

Apple adds PQ3 quantum-resistant encryption to iMessage

Apple is adding to the iMessage instant messaging service a new post-quantum cryptographic protocol named PQ3, designed to defend encryption from quantum attacks.

Ars Technica

7 months ago

There’s a new way to flip bits in DRAM, and it works against the latest defenses

New technique produces lots of bitflips and could one day help form an attack.

The Hacker News

Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage

Apple's iMessage is getting a major security boost with PQ3, the 'strongest' post-quantum encryption yet

The Record

Google proposes new security keys to protect data from future quantum attacks

The company says its proposed implementation will allow for the creation of quantum-resilient security keys under FIDO2 standards.

Bleeping Computer

7 months ago

Bounty offered for secret NSA seeds behind NIST elliptic curves algo

A bounty of $12,288 has been announced for the first person to crack the NIST elliptic curves seeds and discover the original phrases that were hashed to generate them.

Cyber Security News

Apple Adds PQ3 post-quantum Encryption for iMessage

Apple has released its new PQ3 (post-quantum) cryptographic protocol, claimed to be the first-ever messaging protocol to reach Level 3 security.

The Hacker News

Single-Core CPU Cracked Post-Quantum Encryption Candidate Algorithm in Just an Hour

It took researchers about 62 minutes to crack a late-stage Post-Quantum Encryption candidate algorithm using a single-core CPU.

SecurityWeek

7 months ago

SAP Releases 7 New Notes on October 2023 Patch Day

SAP has released seven new notes as part of its October 2023 Security Patch Day, all rated ‘medium severity’.

The Hacker News

Encrypted Messaging App Exclu Used by Criminal Groups Cracked by Joint Law Enforcement

Joint law enforcement operation cracks #Exclu, an encrypted messaging app used by organized crime groups, resulting in 45 arrests.

SecurityWeek

SAP Patches Critical Vulnerability in PowerDesigner Product

SAP has fixed over a dozen new vulnerabilities with its Patch Tuesday updates, including a critical flaw in its PowerDesigner product.

Latest Hacking News

Apple iMessage Adds Quantum Resistance To Its Encryption With PQ3 Protocol

Apple announced a significant security upgrade to its existing encryption – PQ3 protocol – ensuring users a safer communication with quantum resistance. Apple iMessage Adds Quantum Resistance The Cupertino giant Apple has now planned to enhance its

SecurityWeek

6 months ago

SAP Patches Critical Vulnerability in Business One Product

SAP released a hotfix for a critical-severity improper access control vulnerability in Business One product installation.

Ars Technica

8 months ago

The Signal Protocol used by 1+ billion people is getting a post-quantum makeover

Update prepares for the inevitable fall of today's cryptographic protocols.

Naked Security

Critical cryptographic Java security blunder patched – update now!

Either know the private key and use it scrupulously in your digital signature calculation…. or just send a bunch of zeros instead.

Latest Hacking News

New LockBit Ransomware Variant Evolves To Target Linux Systems

the Linux LockBit ransomware variant appeared online in late 2021, exhibiting tremendous stealth and malicious capabilities.

Bleeping Computer

1 month ago

Microsoft releases Exchange hotfixes for security update issues

Microsoft has released hotfix updates to address multiple known issues impacting Exchange servers after installing the March 2024 security updates.

The Hacker News

EncroChat Bust Leads to 6,558 Criminals' Arrests and €900 Million Seizure

The takedown of EncroChat, the infamous encrypted messaging platform used by organized crime, results in 6,558 global arrests and the recovery of €900

The Hacker News

Emotet Botnet's Latest Resurgence Spreads to Over 100,000 Computers

Emotet botnet malware has infected over 100,000 computers since its latest resurgence in November 2021, and the number is steadily increasing.

Latest Hacking News

Mozilla Patched “BigSig” Vulnerability That Affects The NSS Cryptographic Library

A critical BigSig memory corruption bug affected Mozilla's NSS cryptographic library. It affected many NSS-using products, except Firefox.

SecurityWeek

8 months ago

SAP Patches Critical Vulnerability Impacting NetWeaver, S/4HANA

SAP has released patches for a critical vulnerability impacting multiple enterprise applications, including NetWeaver and S/4HANA.

SecurityWeek

5 months ago

SAP Patches Critical Vulnerability in Business Technology Platform

SAP patches multiple vulnerabilities in the Business Technology Platform, including a critical elevation of privilege bug.

Cyber Security News

European Dismantle of EncroChat Led To 6,500 Arrests & Seizure Of $979 Million Funds

More than 6,500 people were arrested as a result of the takedown of the encrypted phone service platform Encrochat, and 900 million euros.

Bleeping Computer

Emotet growing slowly but steadily since November resurgence

The notorious Emotet botnet is still being distributed steadily in the wild, having now infected 92,000 systems in 172 countries.

Bleeping Computer

2 months ago

New ZenHammer memory attack impacts AMD Zen CPUs

Academic researchers developed ZenHammer, the first variant of the Rowhammer DRAM attack that works on CPUs based on recent AMD Zen microarchitecture that map physical addresses on DDR4 and DDR5 memory chips.

Security Affairs

New Emotet botnet is rapidly growing, with +130K unique bots spread across 179 countries

A few months after its return the Emotet botnet has already infected over 130,000 unique bots spread across 179 countries. The Emotet botnet continues to grow and has infected approximately 130,000 hosts since its resurrection in November 2021. Early 2021, law enforcement and judicial authorities worldwide conducted a joint operation, named Operation Ladybird, which disrupted the EMOTET […]

Bleeping Computer

Linux version of LockBit ransomware targets VMware ESXi servers

LockBit is the latest ransomware gang whose Linux encryptor has been discovered to be focusing on the encryption of VMware ESXi virtual machines.

The Hacker News

2 months ago

New ZenHammer Attack Bypasses Rowhammer Defenses on AMD CPUs

Researchers at ETH Zurich have cracked AMD Zen 2 & Zen 3 defenses against RowHammer attacks, naming their technique "ZenHammer".

ZDNet

Intel debuts vPro enterprise platform supported by 12th-gen processor range | ZDNet

New enhancements include ransomware and supply chain attack detection.

Security Affairs

Updates from the MaaS: new threats delivered through NullMixer

A technical analysis of NullMixer malware operation revealed Italy and France are the favorite European countries from the attackers’ perspective. Executive Summary Introduction During March 2023, we obtained information and data regarding an ongoing malware operation hitting more than 8.000 targets within a few weeks, with a particular emphasis on North American, Italian, and French […]

Cyber Security News

10 months ago

SAP vulnerabilities Let Attacker Inject OS Commands—Patch Now!

SAP has released their updates for patch day of this month in which several vulnerabilities have been fixed and CVEs have been updated. The severity of the patched bugs varies from 4.5 (medium) to 10.0 (critical).

Cyber Security News

10 months ago

ChatGPT For Penetration Testing - An Effective Reconnaissance Phase of Pentest

ChatGPT enhances information security by providing valuable insights for efficient reconnaissance in penetration testing.

DarkReading

Researchers Detail 4 SAP Bugs, Including Flaw in ABAP Kernel

Patches are available for three bugs, but with technical details and PoCs now available, threat actors can craft targeted attacks.

Cyber Security News

Staying On Top of TLS Attacks With SSL Certificate - Cyber Security News

The Transport Layer Security (TLS)/ Secure Socket Layer (SSL) protocol is critical to ensuring data confidentiality, privacy, security, and integrity in transit on the internet. However, they are not 100% immune from being attacked by threat actors who leverage SSL/ TLS vulnerabilities to orchestrate attacks.

Trend Micro

Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant

LockBit ransomware's operators announced the release of its first Linux and ESXi variant in October. With samples also spotted in the wild, we discuss the impact and analysis of this variant.

Trend Micro

Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack

We discovered a new backdoor which we have attributed to the advanced persistent threat actor known as Earth Kitsune, which we have covered before. Since 2019, Earth Kitsune has been distributing variants of self-developed backdoors to targets, primarily individuals who are interested in North Korea.

DarkReading

Exclu Shutdown Underscores Outsized Role Messaging Apps Play in Cybercrime

Apps like Telegram, WhatsApp, and Discord are a hotbed of cybercriminal communication and scams.

Bleeping Computer

The Week in Ransomware - December 23rd 2022 - Targeting Microsoft Exchange

Reports this week illustrate how threat actors consider Microsoft Exchange as a prime target for gaining initial access to corporate networks to steal data and deploy ransomware.

DataBreaches

Bits ‘n Pieces (Trozos y Piezas)

CL: Saville Row attacked by BlackCat Saville Row, a Chilean clothing store, was added to BlackCat’s leak site on April 21. Sample files provided by the...

DataBreaches