We need to talk about mathematical backdoors in encryption algorithms

Security researchers regularly set out to find implementation problems in cryptographic algorithms, but not enough effort is going towards the search for mathematical backdoors, two cryptography professors have argued. Governments and intelligence agencies strive to control and bypass or circumvent Read More …

Triton Malware Targets Industrial Control Systems in Middle East

Researchers found malware called Triton on the industrial control systems of a company located in the Middle East. Attackers planted Triton, also called Trisis, with the intent of carrying out a “high-impact attack” against an unnamed company with the goal Read More …

Pre-Installed Password Manager On Windows 10 Lets Hackers Steal All Your Passwords

If you are running Windows 10 on your PC, then there are chances that your computer contains a pre-installed 3rd-party password manager app that lets attackers steal all your credentials remotely. Starting from Windows 10 Anniversary Update (Version 1607), Microsoft added a Read More …

19-Year-Old TLS Vulnerability Weakens Modern Website Crypto

A vulnerability called ROBOT, first identified in 1998, has resurfaced. Impacted are leading websites ranging from Facebook to Paypal, which are vulnerable to attackers that could decrypt encrypted data and sign communications using the sites’ own private encryption key. The Read More …

Why bother cracking PCs? Spot o’ malware on PLCs… Done. Industrial control network pwned

Security researchers have demonstrated a new technique for hacking air-gapped industrial control system networks, and hope their work will encourage the development of more robust defences for SCADA-based systems. Air-gapped industrial networks are thought to be difficult if not impossible Read More …

MoneyTaker Cybercriminal Group Steals $10 Million from Financial Institutions

Security researchers shed light on the Russian-speaking cybercriminal group MoneyTaker, which was reported to have perpetrated cyberattacks against financial organizations in the U.S. and Russia. The group reportedly stole as much as $10 million from at least 20 card payment and inter-bank Read More …

GCHQ’s cybersecurity accelerator just opened its door to nine new startups

Software designed to detect phishing emails, a platform to help developers write secure code, and a company which investigates cybercrime involving cryptocurrencies are just some of the ideas behind the startups that will join the second incarnation of GCHQ’s cyber-accelerator. Showcased at a launch Read More …

German intelligence unmasks alleged covert Chinese social media profiles

Germany’s intelligence service has published the details of social network profiles which it says are fronts faked by Chinese intelligence to gather personal information about German officials and politicians. The BfV domestic intelligence service took the unusual step of naming Read More …