Abandoned Hunter Biden’s laptop contained phone numbers for the Clintons, Secret Service officers and most of the Obama cabinet

The son of the man expected by many to be America’s next President abandoned a laptop containing a treasure trove of top-secret material, including his father’s private emails and mobile phone numbers, The Mail on Sunday can reveal. In an Read More …

Kubernetes Vulnerability Puts Clusters at Risk of Takeover (CVE-2020-8558)

A security issue assigned CVE-2020-8558 was recently discovered in the kube-proxy, a networking component running on Kubernetes nodes. The issue exposed internal services of Kubernetes nodes, often run without authentication. On certain Kubernetes deployments, this could have exposed the api-server, Read More …

E.U. Authorities Crack Encryption of Massive Criminal and Murder Network

European law-enforcement officials have shut down an encrypted Android-based communications platform used exclusively by criminals to plot murders, traffic illegal drugs, commit money laundering and plan other organized crimes. An international law-enforcement team from the France and the Netherlands cracked the encryption Read More …

LimeRAT malware is being spread through VelvetSweatshop Excel encryption technique

A new campaign is spreading the LimeRAT Remote Access Trojan by harnessing an old encryption technique in Excel files. LimeRAT is a simple Trojan designed for Windows machines. The malware is able to install backdoors on infected machines and encrypt Read More …

An In-Depth Technical Analysis of CurveBall (CVE-2020-0601)

The first Microsoft patch Tuesday of 2020 contained fixes for CVE-2020-0601, a vulnerability discovered by the United States’ National Security Agency (NSA) that affects how cryptographic certificates are verified by one of the core cryptography libraries in Windows that make up part of Read More …

Blocking A CurveBall: PoCs Out for Critical Microsoft-NSA Bug CVE-2020-0601

Security researchers have released proof-of-concept (PoC) codes for exploiting CurveBall (CVE-2020-0601), the first bug that the National Security Agency (NSA) reported. Included in this year’s first cycle of Patch Tuesday updates, the vulnerability affects Windows operating systems’ CryptoAPI’s validation of Elliptic Curve Cryptography (ECC) Read More …

Exploit Fully Breaks SHA-1, Lowers the Attack Bar

A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates that authenticate software downloads and prevent man-in-the-middle tampering. The exploit was developed by Gaëtan Leurent Read More …

Interpol to support the breaking of end-to-end encryption

International police body Interpol has joined the growing list of law enforcement agencies that back the idea of breaking encrypted communications, echoing concerns that the technology protects criminals. Interpol is expected to argue later today that encryption frustrates criminal investigations Read More …