Tag Archive for: Single

There’s No Single Solution To Quantum-Proof Security


Security CEO and founder of Safe Quantum Inc., working with data-driven companies to define, develop and deploy quantum-safe technologies.

Early experiences working in security taught me that to really have a good defense, you need to have depth: you need more than one technology. You can’t just have antivirus, for example; you also need anomaly detection. You need all sorts of things that won’t fail the same way.

I look at what we’re doing today in quantum communications the same way.

That means our defenses can’t be all post-quantum cryptography (PQC) or all quantum key distribution (QKD). They can’t be all entanglement-based. It is a combination of those things that will be successful.

Yet, in quantum today, there is uncertainty. Just look at where we are with post-quantum cryptography as NIST enters its seventh year of vetting candidate algorithms.

In my view, the U.S. government’s biggest challenge may be that it is taking a bifurcated approach to how we view quantum security and quantum networking.

On the one hand, the National Institute of Standards and Technology (NIST) has done an excellent job in whittling down more than 80 algorithm submissions to a few finalist crypto standards, but there have been some bumps along the way that are worrisome.

One finalist algorithm and one semi-finalist were hacked with a laptop computer—nothing close to a powerful quantum computer. Understanding the potential for a quantum computer to be able to break cryptographic standards even more quickly in the future, the NIST algorithms are being re-labeled as “quantum-resistant” rather than “quantum proof.”

On the other hand, we have the Department of Defense, led by the National Security Agency, concerned about what QKD might not be able to guard against, which has possibly slowed development in QKD technologies and QKD-enabled networks.

The risk there is that the United States isn’t doing any of this in a vacuum. China and Europe are already well ahead in launching QKD network testbeds.

Doom and gloom aside, there are very interesting things being done in quantum today. There’s a big focus on building quantum memory and on developing all the…


Azov Ransomware can modify its own code to delete every single file on a machine with a single click


A successful ransomware attack can be very damaging to a company. An organization that is caught unprepared may be forced to choose between paying a ransom demand or erasing all of the data that was taken. The WannaCry attack, which occurred more than 5 years ago, fundamentally altered cybersecurity. It was the first global-scale, multi-vector cyberattack that first and foremost encrypted a compromised machine’s files, rendering the machine unusable, though reversibly. Its influence on the cyber threat landscape was outsized.

Since then, ransomware attacks have increased in number and form, and have evolved to use a variety of strategies and approaches.

The information security industry first became aware of Azov when it was discovered as a payload of the SmokeLoader botnet. This botnet is often found on fraudulent sites that provide unlicensed software and cracks.

One of the things that distinguishes Azov from the many other ransomware attacks seen in recent years is that it modifies some 64-bit executables in order to run its own code. The executables are modified using polymorphic code in order to avoid being blocked or detected by static signatures. In addition, the modification is applied to 64-bit executables, which the typical malware programmer would not have bothered with.

According to researchers at Check Point, “Because of this aggressive polymorphic infection of victim executables, there has been an increase in the number of Azov-infected files that are accessible to the public. VirusTotal receives hundreds of new Azov-related samples on a daily basis, and as of November 2022, the total number of these samples has already surpassed 17,000.”

Malware like Azov is one of a kind since it has the ability to develop its own code, making it simple for it to share personal information with other pieces of malware.

In addition to being able to write code, it also has the power of producing code, which allows it to…


A Single Flaw Broke Every Layer of Security in MacOS


Every time you shut down your Mac, a pop-up appears: “Are you sure you want to shut down your computer now?” Nestled under the prompt is another option most of us likely overlook: the choice to reopen the apps and windows you have open now when your machine is turned back on. Researchers have now found a way to exploit a vulnerability in this “saved state” feature—and it can be used to break the key layers of Apple’s security protections.

The vulnerability, which is susceptible to a process injection attack to break macOS security, could allow an attacker to read every file on a Mac or take control of the webcam, says Thijs Alkemade, a security researcher at Netherlands-based cybersecurity firm Computest who found the flaw. “It’s basically one vulnerability that could be applied to three different locations,” he says.

After deploying the initial attack against the saved state feature, Alkemade was able to move through other parts of the Apple ecosystem: first escaping the macOS sandbox, which is designed to limit successful hacks to one app, and then bypassing System Integrity Protection (SIP), a key defense designed to stop unauthorized code from accessing sensitive files on a Mac.

Alkemade—who is presenting the work at the Black Hat conference in Las Vegas this week—first found the vulnerability in December 2020 and reported the issue to Apple through its bug bounty scheme. He was paid a “pretty nice” reward for the research, he says, although he refuses to detail how much. Since then Apple has issued two updates to fix the flaw, first in April 2021 and again in October 2021.

When asked about the flaw, Apple said it did not have any comment prior to Alkemade’s presentation. The company’s two public updates about the vulnerability are light on detail, but they say the issues could allow malicious apps to leak sensitive user information and escalate privileges for an attacker to move through a system.

Apple’s changes can also be seen in Xcode, the company’s development workspace for app creators, a blog post describing the attack from Alkemade says. The researcher says that while Apple fixed the issue for Macs running the Monterey operating system,…
