Tag: cryptography

Wie PKI in vier Schritten bereit für das Quantenzeitalter wird

Apr 14, 2025 4:33 PM

Tags: cryptography

Das Quantenzeitalter ist nahe. In wenigen Jahren schon werden Angreifern die ersten Quantencomputer mit solch hoher Rechenleistung zur Verfügung stehen, dass sie derzeit noch als sicher geltende Verschlüsselungsalgorithmen innerhalb kürzester Zeit werden “šknacken’ können. Doch ist die Entwicklung der Post-Quantum-Cryptography (PQC) neuer quantenresistenter Algorithmen glücklicherweise schon weit vorangeschritten. Im Sommer des vergangenen Jahres […] First…
Top 16 OffSec, pen-testing, and ethical hacking certifications

Apr 10, 2025 1:05 PM

Tags: access, android, antivirus, application-security, attack, authentication, blockchain, bug-bounty, business, cisco, cloud, computing, credentials, crypto, cryptography, cyber, cybersecurity, data, defense, detection, encryption, exploit, guide, hacker, hacking, incident response, injection, iot, jobs, kali, linux, malware, microsoft, mitigation, mobile, network, penetration-testing, RedTeam, remote-code-execution, reverse-engineering, risk, risk-assessment, sap, skills, sql, technology, threat, tool, training, update, vulnerability, windows

Experiential learning Offensive security can’t be fully mastered through lectures alone. Candidates need hands-on training in lab environments to develop practical skills. Ideally, certification exams should include a practical assessment, such as developing an exploit to compromise a system.Because individuals learn OffSec techniques, such as penetration testing, in different ways, the most effective certifications offer…
Linux Firewall IPFire 2.29 Launches with Post-Quantum Encryption and System Enhancements

Apr 10, 2025 9:05 AM

Tags: cryptography, cyber, encryption, firewall, Hardware, linux, open-source, update

The open-source Linux firewall solution, IPFire, has officially released its latest version, IPFire 2.29 Core Update 193. This landmark update introduces cutting-edge post-quantum encryption capabilities for IPsec tunnels, along with extensive system upgrades to bolster security, performance, and hardware optimization for the long term. Post-Quantum Cryptography for a More Secure Future In a major step forward […]…
Using Post-Quantum Planning to Improve Security Hygiene

Apr 9, 2025 8:55 PM

Tags: cryptography, risk, risk-management

With careful planning, the transition to post-quantum cryptography can significantly improve security and risk management for the present and future. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/post-quantum-planning-security-hygiene
Post-Quantum Cryptography: Preparing for a Quantum Future

Apr 9, 2025 5:55 PM

Tags: computer, computing, cryptography, infrastructure, threat

As quantum computing continues to evolve, the security of our digital infrastructure is under increasing scrutiny. While quantum computers promise groundbreaking advancements, they also pose a significant threat to the cryptographic algorithms that protect sensitive information across the internet. Enter Post-Quantum Cryptography (PQC) which is our path to quantum safe security. In this blog, we’ll……
The SQL Server Crypto Detour

Apr 8, 2025 10:43 PM

Tags: access, api, backup, credentials, crypto, cryptography, data, encryption, jobs, microsoft, password, service, sql, tool, update, vulnerability, windows

As part of my role as Service Architect here at SpecterOps, one of the things I’m tasked with is exploring all kinds of technologies to help those on assessments with advancing their engagement. Not long after starting this new role, I was approached with an interesting problem. A SQL Server database backup for a ManageEngine’s…
Cybersecurity Snapshot: SANS Recommends Six Controls To Secure AI Systems, While NCSC Warns About Outdated API Security Methods

Apr 4, 2025 5:42 PM

Tags: access, advisory, ai, api, attack, authentication, best-practice, botnet, business, cisa, cloud, compliance, computer, control, credentials, cryptography, cyber, cyberattack, cybersecurity, data, detection, dns, endpoint, framework, governance, government, incident response, infrastructure, injection, intelligence, Internet, least-privilege, malicious, mitigation, monitoring, network, phishing, privacy, programming, regulation, resilience, risk, risk-management, sans, service, strategy, supply-chain, threat, training, unauthorized, update, zero-trust

Check out the security controls that SANS Institute says are essential for protecting your AI systems. Plus, the U.K. NCSC urges organizations to adopt newer API security techniques. In addition, CISA and other cyber agencies warn that attackers are using “fast flux” techniques to conceal their actions. And much more! Dive into five things that…
Navigating the Quantum Shift: A Practical Approach to Crypto-Agility with PQC-Enabled PKI

Apr 1, 2025 5:55 PM

Tags: computing, crypto, cryptography, cyber, encryption, threat

The conversation around quantum computing is shifting from theory to reality, especially when it’s centered on security and mounting threats against current encryption algorithms. The UK National Cyber Security Centre’s (NCSC) recent guidance on “PQC Migration Timelines” underscores the urgency for organizations to transition to post-quantum cryptography (PQC). Urgency is being driven by the rising……
UK Cybersecurity Weekly News Roundup 31 March 2025

Mar 31, 2025 4:13 PM

Tags: attack, best-practice, browser, chrome, computing, cryptography, cve, cyber, cybersecurity, exploit, flaw, framework, google, government, healthcare, incident, infrastructure, ransomware, risk, risk-assessment, software, threat, update, vulnerability, zero-day

UK Cybersecurity Weekly News Roundup – 31 March 2025 Welcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. UK Warned of Inadequate Readiness Against State-Backed Cyberattacks Cybersecurity experts have sounded the alarm over the UK’s growing vulnerability to state-sponsored cyber threats. A…
Post-quantum cryptography and the future of online safety

Mar 29, 2025 5:13 AM

Tags: ceo, cryptography

In this Help Net Security video, Rebecca Krauthamer, CEO of QuSecure, explores the rising urgency of post-quantum cryptography (PQC) and what organizations must do to prepare. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/28/post-quantum-cryptography-video/
7 cutting-edge encryption techniques for reimagining data security

Mar 27, 2025 2:34 PM

Tags: ai, computer, cryptography, data, dns, encryption, government, ibm, identity, nist, office, privacy, risk, software, technology, training

Private information retrieval: Securing a database is fairly straightforward. Protecting the privacy of the users, however, is a bit more difficult. Private information retrieval algorithms make it possible for people to search the database for specific blocks of data without revealing too much to the database owner.This extra layer of protection relies on scrambling larger…
ETSI launches first post-quantum encryption standard

Mar 26, 2025 5:13 AM

Tags: communications, cryptography, cyber, data, encryption

European telco standards body launches its first post-quantum cryptography cyber standard, covering the security of critical data and communications First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366621214/ETSI-launches-first-post-quantum-encryption-standard
Quantenschlüssel aus der Sicht des CISO

Mar 25, 2025 6:13 AM

Tags: ciso, cryptography, encryption, Hardware, infrastructure, international

Quantum Key Distribution (QKD) dient dazu, Verschlüsselungsschlüssel sicher zwischen zwei Parteien zu verteilen.Der sogenannte Q-Day, an welchem Quantencomputer leistungsstark genug sind aktuelle Standardmethoden der Verschlüsselung zu knacken, rückt näher. Eine der Lösungen, welche zum Schutz vor dieser Quantenbedrohung entwickelt wurde, ist die sogenannte Quantum Key Distribution (QKD). Das Potenzial von QKD ist immens, ihr aktueller…
SHARED INTEL QA: Forrester highlights why companies need to strive for ‘cryptoagility’ today

Mar 24, 2025 10:13 AM

Tags: computing, cryptography, encryption

Quantum computing’s ability to break today’s encryption may still be years away”, but security leaders can’t afford to wait. Forrester’s The Future of Quantum Security makes it clear: the transition to quantum-safe cryptography must start now. Related: Quantum standards come of “¦ (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/shared-intel-qa-forrester-highlights-why-companies-need-to-strive-for-cryptoagility-today/
Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

Mar 21, 2025 8:13 PM

Tags: access, ai, attack, authentication, awareness, banking, best-practice, breach, business, cctv, cloud, compliance, computer, computing, control, crime, crimes, cryptography, cve, cyber, cybercrime, cybersecurity, data, deep-fake, detection, encryption, exploit, google, group, hacker, Hardware, identity, infrastructure, intelligence, Internet, iot, law, linux, malicious, malware, mitigation, mobile, network, open-source, organized, phishing, programming, ransomware, regulation, resilience, risk, router, service, software, strategy, technology, threat, tool, unauthorized, update, virus, vulnerability

Check out key findings and insights from the “Tenable Cloud AI Risk Report 2025.” Plus, get fresh guidance on how to transition to quantum-resistant cryptography. In addition, find out how AI is radically transforming cyber crime. And get the latest on open source software security; cyber scams; and IoT security. Dive into six things that…
NCSC proposes three-step plan to move to quantum-safe encryption

Mar 20, 2025 8:13 PM

Tags: cryptography, encryption, service

The NCSC urges service providers, large organisations and critical sectors to start thinking today about how they will migrate to post-quantum cryptography over the next decade First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366621031/NCSC-proposes-three-step-plan-to-move-to-quantum-safe-encryption
UK urges critical orgs to adopt quantum cryptography by 2035

Mar 20, 2025 6:13 PM

Tags: cryptography, cyber

The UK’s National Cyber Security Centre (NCSC) has published specific timelines on migrating to post-quantum cryptography (PQC), dictating that critical organizations should complete migration by 2035. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/uk-urges-critical-orgs-to-adopt-quantum-cryptography-by-2035/
The post-quantum cryptography apocalypse will be televised in 10 years, says UK’s NCSC

Mar 20, 2025 3:13 PM

Tags: cryptography, government

Wow, a government project that could be on time for once … cos it’s gonna be wayyyy more than a decade First seen on theregister.com Jump to article: www.theregister.com/2025/03/20/ncsc_post_quantum_cryptogrpahy/
NCSC Sets 2035 Deadline for Post-Quantum Cryptography Migration

Mar 20, 2025 10:13 AM

Tags: attack, cryptography

New NCSC guidance sets out a three-phase migration to post-quantum cryptography, designed to ensure all systems are protected from quantum attacks by 2035 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ncsc-post-quantum-cryptography/
UK NCSC Sets 2035 Deadline for Post-Quantum Migration

Mar 20, 2025 5:13 AM

Tags: computer, cryptography, cyber, cybersecurity, encryption, government, infrastructure

Cyber Agency Urges Critical Infrastructure Operators to Migrate Within the Deadline. The British cybersecurity agency urged critical infrastructure operators to adopt to post-quantum cryptography by 2035 as it and other government agencies prepare for the inevitability of quantum computers capable of breaking current encryption algorithms. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/uk-ncsc-sets-2035-deadline-for-post-quantum-migration-a-27776
Cloudflare treibt Post-Quanten-Sicherheit mit erster cloudnativen Zero-Trust-Lösung voran

Mar 18, 2025 3:52 PM

Tags: access, cryptography, network, zero-trust

Cloudflare gibt die Ausweitung einer lückenlosen Unterstützung für Post-Quanten-Kryptographie auf seine Zero-Trust-Network-Access-Lösung bekannt. Damit kann ab sofort die Kommunikation zwischen Browsern und firmeneigenen Webanwendungen über eine direkt verfügbare, quantensicher verschlüsselte Ende-zu-Ende-Verbindung erfolgen. Bis Mitte des Jahres wird Cloudflare diese Unterstützung auf alle IP-Protokolle ausweiten und auf diese Weise für die meisten Firmenanwendungen und -geräte erheblich…
Cloudflare Adopts Post-Quantum Cryptography to Combat Future Quantum Attacks

Mar 18, 2025 1:53 PM

Tags: attack, computer, cryptography, cyber, threat

Cloudflare has announced the implementation of post-quantum cryptography across its services. This advancement is part of a broader effort to protect customers from potential quantum attacks that could compromise conventional cryptographic systems in the future. Quantum computers, which are rapidly becoming more powerful, pose a significant threat to the cryptographic algorithms currently used to secure…
Improvements in Brute Force Attacks

Mar 18, 2025 12:52 AM

Tags: attack, cryptography, threat

New paper: “GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and TEA3.” Abstract: Key lengths in symmetric cryptography are determined with respect to the brute force attacks with current technology. While nowadays at least 128-bit keys are recommended, there are many standards and real-world applications that…
Cloudflare Introduces E2E Post-Quantum Cryptography Protections

Mar 17, 2025 6:52 PM

Tags: cryptography, threat

Cloudflare introduces E2E post-quantum cryptography, enhancing security against quantum threats First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cloudflare-e2e-post-quantum/
Cloudflare stärkt Zero Trust-Sicherheit mit Post-Quanten-Kryptographie

Mar 17, 2025 3:52 PM

Tags: cryptography, zero-trust

Die Zeit drängt innerhalb der nächsten fünf Jahre müssen Unternehmen auf Post-Quanten-Kryptographie umstellen. Accenture und Cloudflare ermöglichen einen hybriden Ansatz für eine sichere, schrittweise Migration mit maximaler Kompatibilität. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cloudflare-staerkt-zero-trust-sicherheit-mit-post-quanten-kryptographie/a40153/
The most notorious and damaging ransomware of all time

Mar 14, 2025 9:52 AM

Tags: access, android, attack, backdoor, backup, banking, botnet, breach, communications, computer, control, credentials, cryptography, cyber, cybercrime, dark-web, data, defense, detection, email, encryption, endpoint, exploit, extortion, finance, flaw, framework, germany, google, government, group, hacker, hacking, healthcare, infection, infrastructure, international, jobs, korea, law, lazarus, leak, linux, malicious, malware, microsoft, mobile, msp, network, north-korea, office, open-source, oracle, password, phishing, phone, powershell, ransom, ransomware, russia, service, software, spam, switch, technology, threat, tool, ukraine, update, usa, virus, vulnerability, windows

Conti: History: First appearing in May 2020, the Conti RaaS platform is considered the successor to the Ryuk ransomware. As of January 2021, Conti is believed to have infected over 150 organizations and earned millions of dollars for its criminal developers and their affiliates. At least three new versions have been found since its inception.How it works: Conti uses the…
You need to prepare for post-quantum cryptography now. Here’s why

Mar 13, 2025 9:53 PM

Tags: cryptography

First seen on scworld.com Jump to article: www.scworld.com/resource/you-need-to-prepare-for-post-quantum-cryptography-now-heres-why
DeepSeek Deep Dive Part 1: Creating Malware, Including Keyloggers and Ransomware

Mar 13, 2025 7:52 PM

Tags: ai, antivirus, api, chatgpt, china, cloud, computer, cryptography, cybercrime, cybersecurity, data, detection, encryption, google, guide, injection, intelligence, law, LLM, malicious, malware, monitoring, network, north-korea, open-source, openai, privacy, programming, ransomware, service, software, strategy, threat, tool, training, unauthorized, vulnerability, windows

Tenable Research examines DeepSeek R1 and its capability to develop malware, such as a keylogger and ransomware. We found it provides a useful starting point, but requires additional prompting and debugging. Background As generative artificial intelligence (GenAI) has increased in popularity since the launch of ChatGPT, cybercriminals have become quite fond of GenAI tools to…
NIST Releases New Report on Crypto-Agility What You Need to Know Now

Mar 12, 2025 4:52 PM

Tags: crypto, cryptography, cybersecurity, nist, strategy, technology

If you’re keeping up with post-quantum cryptography (PQC), here’s some big news: The U.S. National Institute of Standards and Technology (NIST) has released a fresh initial public draft of a Cybersecurity Whitepaper titled Considerations for Achieving Crypto-Agility. This whitepaper tackles the real-world challenges and trade-offs involved in cryptographic transitions and discusses key strategies for achieving……
Neues E-Book »PQC für Dummies«

Mar 12, 2025 4:52 PM

Tags: computing, cryptography, infrastructure

Post-Quanten-Kryptografie: DigiCert-Sachbuch hilft Unternehmen bei der Vorbereitung auf das Quantum-Computing-Zeitalter. Das neue E-Book »PQC for Dummies« (Wiley Verlag) führt Einsteiger in die Thematik ein, wie sie sich auf zukünftige Herausforderungen des Quantencomputer-Zeitalters vorbereiten [1]. Verantwortliche im Unternehmen erhalten fundiertes Wissen und praxisnahe Strategien, wie sie Post-Quanten-Kryptographie (PQC) zur Absicherung ihrer digitalen Infrastruktur einsetzen können…. First…