Tag: encryption
-
New Akira Ransomware Decryptor Leans on Nvidia GPU Power
A software programmer developed a way to use brute force to break the encryption of the notorious Akira ransomware using GPU compute power and enabling some victims of the Linux-focused variant of the malware to regain their encrypted data without having to pay a ransom. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/new-akira-ransomware-decryptor-leans-on-nvidia-gpu-power/
-
UK Cybersecurity Weekly News Roundup 16 March 2025
Tags: access, apple, attack, backdoor, backup, compliance, control, cyber, cyberattack, cybercrime, cybersecurity, data, encryption, finance, firewall, government, group, hacking, insurance, law, lockbit, malicious, network, office, privacy, ransomware, regulation, risk, russia, service, software, virusWelcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. UK Government’s Stance on Encryption Raises Global Concerns The UK government has ordered Apple to provide backdoor access to iCloud users’ encrypted backups under the Investigatory Powers Act of 2016. This secret order…
-
Zoom Team Chat Decrypted, Exposing User Activity Data
Cybersecurity experts have successfully decrypted Zoom Team Chat data, revealing a wealth of information about user activities. This achievement underscores the importance of digital forensics in uncovering hidden digital evidence. The focus on Zoom Team Chat artifacts has shown that, despite encryption, crucial communications and shared files can be exposed through meticulous analysis. The decryption…
-
Apple encryption legal challenge heard behind closed doors despite calls for public hearing
Investigatory Powers Tribunal hearing held behind closed doors as press and civil society groups argue for open hearings First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620938/Apple-encryption-legal-challenge-heard-behind-closed-doors-despite-calls-for-public-hearing
-
AI development pipeline attacks expand CISOs’ software supply chain risk
Tags: access, ai, api, application-security, attack, backdoor, breach, business, ciso, cloud, container, control, cyber, cybersecurity, data, data-breach, detection, encryption, exploit, flaw, fortinet, government, infrastructure, injection, intelligence, LLM, malicious, malware, ml, network, open-source, password, penetration-testing, programming, pypi, risk, risk-assessment, russia, saas, sbom, service, software, supply-chain, threat, tool, training, vpn, vulnerabilitydevelopment pipelines are exacerbating software supply chain security problems.Incidents of exposed development secrets via publicly accessible, open-source packages rose 12% last year compared to 2023, according to ReversingLabs (RL).A scan of 30 of the most popular open-source packages found an average of six critical-severity and 33 high-severity flaws per package.Commercial software packages are also a…
-
Apple Introduces RCS EndEnd Encryption for iPhone Messages
Apple has announced the integration of end-to-end encryption (E2EE) for Rich Communication Services (RCS) on iPhones. This development follows the introduction of RCS in iOS 18, marking a new era in mobile messaging with enhanced privacy and security features. The GSMA, a key organizer behind this technology, has released new specifications incorporating E2EE based on…
-
Week in review: NIST selects HQC for post-quantum encryption, 10 classic cybersecurity books
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: NIST selects HQC as backup algorithm for post-quantum encryption Last year, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/16/week-in-review-nist-selects-hqc-for-post-quantum-encryption-10-classic-cybersecurity-books/
-
New Akira ransomware decryptor cracks encryptions keys using GPUs
Security researcher Yohanes Nugroho has released a decryptor for the Linux variant of Akira ransomware, which utilizes GPU power to retrieve the decryption key and unlock files for free. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/gpu-powered-akira-ransomware-decryptor-released-on-github/
-
Invisible C2″Š”, “Šthanks to AI-powered techniques
Tags: ai, api, attack, breach, business, chatgpt, cloud, communications, control, cyberattack, cybersecurity, data, defense, detection, dns, edr, email, encryption, endpoint, hacker, iot, LLM, malicious, malware, ml, monitoring, network, office, openai, powershell, service, siem, soc, strategy, threat, tool, update, vulnerability, zero-trustInvisible C2″Š”, “Šthanks to AI-powered techniques Just about every cyberattack needs a Command and Control (C2) channel”Š”, “Ša way for attackers to send instructions to compromised systems and receive stolen data. This gives us all a chance to see attacks that are putting us at risk. LLMs can help attackers avoid signature based detection Traditionally, C2…
-
A New Era of Attacks on Encryption Is Starting to Heat Up
The UK, France, Sweden, and EU have made fresh attacks on end-to-end encryption. Some of the attacks are more “crude” than those in recent years, experts say. First seen on wired.com Jump to article: www.wired.com/story/a-new-era-of-attacks-on-encryption-is-starting-to-heat-up/
-
Apple-UK Encryption Saga Continues: British Officials’ Clarification US Officials’ Warning
The British side reportedly said they would have to produce warrants for each individual data access request, so they will always have to be made as part of an investigation into serious crime. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-icloud-encryption-uk-us-privacy/
-
Apple Fights UK Over Encryption Backdoors as US Officials Warn of Privacy Violations
The British side reportedly said they would have to produce warrants for each individual data access request, so they will always have to be made as part of an investigation into serious crime. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-icloud-encryption-uk-us-privacy/
-
US Congress demands UK lifts gag on Apple encryption order
Apple and Google have told US lawmakers that they cannot tell Congress whether they have received technical capability notices from the UK First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620601/US-Congress-demands-UK-lifts-gag-on-Apple-encryption-order
-
RCS: Ende-zu-Ende-Verschlüsselung zwischen iOS und Android
Mit RCS Universal Profile 3.0 ist E2EE Teil des RCS-Standards. Ein wichtiger Schritt für die Sicherheit plattformübergreifender Nachrichten. First seen on golem.de Jump to article: www.golem.de/news/rcs-ende-zu-ende-verschluesselung-zwischen-ios-und-android-2503-194325.html
-
GSMA Confirms EndEnd Encryption for RCS, Enabling Secure Cross-Platform Messaging
The GSM Association (GSMA) has formally announced support for end-to-end encryption (E2EE) for securing messages sent via the Rich Communications Services (RCS) protocol, bringing much-needed security protections to cross-platform messages shared between Android and iOS platforms.To that end, the new GSMA specifications for RCS include E2EE based on the Messaging Layer Security (MLS) protocol First…
-
Apple’s alleged UK encryption battle sparks political and privacy backlash
National security defense being used to keep appeal behind closed doors First seen on theregister.com Jump to article: www.theregister.com/2025/03/14/apple_uk_encryption_hearing/
-
Google refuses to deny it received encryption order from UK government
U.S. lawmakers say Google has refused to deny that it received a Technical Capability Notice from the U.K., a mechanism to access encrypted messages that Apple reportedly received. First seen on therecord.media Jump to article: therecord.media/google-refuses-to-deny-it-received-uk-tcn
-
The most notorious and damaging ransomware of all time
Tags: access, android, attack, backdoor, backup, banking, botnet, breach, communications, computer, control, credentials, cryptography, cyber, cybercrime, dark-web, data, defense, detection, email, encryption, endpoint, exploit, extortion, finance, flaw, framework, germany, google, government, group, hacker, hacking, healthcare, infection, infrastructure, international, jobs, korea, law, lazarus, leak, linux, malicious, malware, microsoft, mobile, msp, network, north-korea, office, open-source, oracle, password, phishing, phone, powershell, ransom, ransomware, russia, service, software, spam, switch, technology, threat, tool, ukraine, update, usa, virus, vulnerability, windowsConti: History: First appearing in May 2020, the Conti RaaS platform is considered the successor to the Ryuk ransomware. As of January 2021, Conti is believed to have infected over 150 organizations and earned millions of dollars for its criminal developers and their affiliates. At least three new versions have been found since its inception.How it works: Conti uses the…
-
Decrypting Akira Ransomware on Linux/ESXi Without Paying Hackers
A team successfully decrypted an instance of the Akira ransomware on Linux/ESXi systems without succumbing to the hackers’ demands. This achievement not only underscores the ingenuity of cybersecurity experts but also serves as a powerful message to those who rely on extorting from vulnerable businesses and individuals. The Akira ransomware, known for its complex encryption…
-
Calls grow for UK to move secret Apple encryption court hearing to public session
In a joint letter on Thursday to Lord Justice Singh, a collection of British civil liberties groups asked him to use his discretion to open the hearing to the public, arguing that doing so would not prejudice national security. First seen on therecord.media Jump to article: therecord.media/calls-grow-uk-secret-apple-court-encryption-public
-
Sophos X-Ops verzeichnet rasante Zunahme von Remote-Ransomware
Remote-Verschlüsselung gehört mittlerweile zu den bevorzugten Methoden vieler Ransomware-Gruppen. Fast jedes Unternehmen hat blinde Flecken in seiner IT-Sicherheit First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-x-ops-verzeichnet-rasante-zunahme-von-remote-ransomware/a40128/
-
Breaking the Barriers to a Password-Free Life in Enterprise: Meet SafeNet eToken Fusion NFC PIV security key
Tags: access, authentication, cloud, compliance, control, credentials, data, defense, encryption, fido, framework, government, healthcare, identity, infrastructure, mobile, nfc, password, phishing, regulation, service, software, strategy, technology, windowsBreaking the Barriers to a Password-Free Life in Enterprise: Meet SafeNet eToken Fusion NFC PIV security key madhav Thu, 03/13/2025 – 06:46 As large organizations increasingly shift towards passwordless solutions, the benefits are clear: enhanced user experience, improved security, and significant cost savings. The FIDO (Fast Identity Online) standard has emerged as the gold standard…
-
Legislative push for child online safety runs afoul of encryption advocates (again)
The Stop CSAM Act would compel companies to curb online child sexual abuse material, but critics argue it would also weaken encrypted services for all users. First seen on cyberscoop.com Jump to article: cyberscoop.com/stop-csam-act-senate-judiciary-hawley-durbin-encryption/
-
NIST selects HQC as backup algorithm for post-quantum encryption
Last year, NIST standardized a set of encryption algorithms that can keep data secure from a cyberattack by a future quantum computer. Now, NIST has selected a backup … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/12/nist-hqc-post-quantum-encryption-algorithm/
-
Secret London tribunal to hear appeal in Apple vs government battle over encryption
Campaigners call for High Court hearing to be held in public as tech giant appeals against UK government order to open a backdoor into its encrypted iCloud service First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620363/Secret-London-tribunal-to-hear-appeal-in-Apple-vs-government-battle-over-encryption
-
Ebyte Ransomware Targets Windows Users with Advanced Encryption Techniques
A new ransomware variant, known as Ebyte Ransomware, has emerged as a significant threat to Windows users. Developed in the Go programming language, this ransomware employs sophisticated encryption techniques, including ChaCha20 and Elliptic Curve Integrated Encryption Scheme (ECIES), to lock user files and demand ransom payments. The ransomware, inspired by Prince Ransomware, adds a unique…
-
PoC Released for SolarWinds Web Help Desk Vulnerability Exposing Passwords
A Proof-of-Concept (PoC) has been released for a significant vulnerability discovered in SolarWinds Web Help Desk, exposing encrypted passwords and other sensitive data. This vulnerability arises from the predictable encryption keys used in the application and the misuse of AES-GCM encryption, a widely respected cryptographic standard. The issue highlights the importance of secure key management…