Crypto Hack Earned Crooks $600 Million
In one of the largest cryptocurrency hacks to date, cyberattackers reportedly stole millions from the decentralized finance (DeFi) platform Poly Network. [...]
Showing only posts tagged cryptography. Show all posts.
Zoom Settlement: An $85M Business Case for Security Investment
Zoom’s security lesson over end-to-end encryption shows the costs of playing cybersecurity catchup. [...]
Black Hat: New CISA Head Woos Crowd With Public-Private Task Force
Day two Black Hat keynote by CISA Director Jen Easterly includes launch of private-public partnership with Amazon, Google and Microsoft to fight cybercrime. [...]
Raccoon Stealer Bundles Malware, Propagates Via Google SEO
An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware. [...]
Kaseya Obtains Universal Decryptor for REvil Ransomware
The vendor will work with customers affected by the early July spate of ransomware attacks to unlock files; it's unclear if the ransom was paid. [...]
Musk-Themed ‘$SpaceX’ Cryptoscam Invades YouTube Advertising
Beware: The swindle uses legitimately purchased YouTube ads, real liquidity, legitimate DEX Uniswap, and the real wallet extension MetaMask to create an entirely convincing fake coin gambit. [...]
Bugs in NVIDIA’s Jetson Chipset Open Door to DoS Attacks, Data Theft
Chipmaker patches nine high-severity bugs in its Jetson SoC framework tied to the way it handles low-level cryptographic algorithms. [...]
Bugs in NVIDIA’s Jetson Chipset Opens Door to DoS Attacks, Data Theft
Chipmaker patches nine high-severity bugs in its Jetson SoC framework tied to the way it handles low-level cryptographic algorithms. [...]
Exchange Servers Targeted by ‘Epsilon Red’ Malware
REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests. [...]
Bizarro Banking Trojan
Bizarro is a new banking trojan that is stealing financial information and crypto wallets....the program can be delivered in a couple of ways — either via malicious links contained within spam emails, or through a trojanized app. Using these sneaky methods, trojan operators will implant the malware onto a …
Newly Declassified NSA Document on Cryptography in the 1970s
This is a newly unclassified NSA history of its reaction to academic cryptography in the 1970s: “ NSA Comes Out of the Closet: The Debate over Public Cryptography in the Inman Era,” Cryptographic Quarterly, Spring 1996, author still classified. [...]
Newly Unclassified NSA Document on Cryptography in the 1970s
This is a newly unclassified NSA history of its reaction to academic cryptography in the 1970s: “ New Comes Out of the Closet: The Debate over Public Cryptography in the Inman Era,” Cryptographic Quarterly, Spring 1996, author still classified. [...]
Europol Credits Sweeping Arrests to Cracked Sky ECC Comms
Sky ECC claims that cops cracked a fake version of the app being passed off by disgruntled reseller. [...]
No, RSA Is Not Broken
I have been seeing this paper by cryptographer Peter Schnorr making the rounds: “Fast Factoring Integers by SVP Algorithms.” It describes a new factoring method, and its abstract ends with the provocative sentence: “This destroys the RSA cryptosystem.” It does not. At best, it’s an improvement in factoring …
Nvidia’s Anti-Cryptomining GPU Chip May Not Discourage Attacks
The hotly anticipated GeForce RTX 3060, a ray-tracing-friendly, advanced gaming graphics chip, will also throttle Ethereum mining. [...]
Let’s Encrypt Gears Up to Replace 200M Certificates a Day
The open CA prepares for ‘worst scenarios’ with new fiber, servers, cryptographic signing and more. [...]
US Cyber Command Valentine’s Day Cryptography Puzzles
The US Cyber Command has released a series of ten Valentine’s Day “Cryptography Challenge Puzzles.” Slashdot thread. Reddit thread. (And here’s the archived link, in case Cyber Command takes the page down.) [...]
Crypto Crook Hired Steven Seagal to Promote Scam, Now Faces Charges
Feds charged California-based private detective for stealing $11M from investors, with help from actor Steven Seagal. [...]
SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat
Congress is demanding the National Security Agency come clean on what it knows about the 2015 supply-chain attack against Juniper Networks. [...]
Critical Libgcrypt Crypto Bug Opens Machines to Arbitrary Code
The flaw in the free-source library could have been ported to multiple applications. [...]
DanaBot Malware Roars Back into Relevancy
Sophisticated and dangerous, DanaBot has resurfaced after laying dormant for seven months. [...]
Ring Adds End-to-End Encryption to Quell Security Uproar
The optional feature was released free to users in a technical preview this week, adding a new layer of security to service, which has been plagued by privacy concerns. [...]
Best practices and advanced patterns for Lambda code signing
Amazon Web Services (AWS) recently released Code Signing for AWS Lambda. By using this feature, you can help enforce the integrity of your code artifacts and make sure that only trusted developers can deploy code to your AWS Lambda functions. Today, let’s review a basic use case along …
Cloning Google Titan 2FA keys
This is a clever side-channel attack: The cloning works by using a hot air gun and a scalpel to remove the plastic key casing and expose the NXP A700X chip, which acts as a secure element that stores the cryptographic secrets. Next, an attacker connects the chip to hardware …
Extracting Personal Information from Large Language Models Like GPT-2
Researchers have been able to find all sorts of personal information within GPT-2. This information was part of the training data, and can be extracted with the right sorts of queries. Paper: “ Extracting Training Data from Large Language Models.” Abstract: It has become common to publish large (billion parameter …
« newer articles | page 4 | older articles »