Sources on this Page

> Headlines by Category

 Home / Technology / Security / Authentication & Encryption

You are using the plain HTML view, switch to advanced view for a more complete experience.

Black Hat 2015: Cracking just about anything

Researchers at the Black Hat conference next week will show how to crack Internet routing protocols, malware-detecting honeypots radio-frequency ID gear that gates building access and more. They'll also offer tips on how to avoid becoming victims to their new attacks.

A pair of researchers will release a hardware device that exploits weaknesses in RFID access controls and show how to use it to break into buildings. The device exploits the communication protocol used by most access-control systems, according to the team, Eric Evenchick, a freelance developer, and Mark Baseggio, a security consultant for Accuvant.

To read this article in full or to leave a comment, please click here

Hacker steals Bitdefender customer log-in credentials, attempts blackmail

A hacker extracted customer log-in credentials from a server owned by Bitdefender that hosted the cloud-based management dashboards for its small and medium-size business clients.

The antivirus company confirmed the security breach but said in an emailed statement that the attack affected less than 1 percent of its SMB customers, whose passwords have since been reset. Consumer and enterprise customers were not affected, the company said.

The hacker, who uses the online alias DetoxRansome, first bragged about the breach on Twitter Saturday and later messaged Bitdefender threatening to release the company's "customer base" unless he was paid $15,000.

To read this article in full or to leave a comment, please click here

Researchers improve de-anonymization attacks for sites hiding on Tor

Researchers have developed a new technique that could allow attackers to determine with a high degree of accuracy which Tor websites users are accessing and where those websites are hosted.

The new attack, which improves upon previous traffic fingerprinting techniques, was devised by researchers from the Massachusetts Institute of Technology (MIT) and the Qatar Computing Research Institute (QCRI), who found ways to differentiate between different types of connections in a user's encrypted Tor traffic.

The Tor anonymity network was built to hide from network snoopers which websites or other Internet resources that user is accessing. It does this by wrapping the user's requests in several layers of encryption and routing them through multiple computers that run the Tor software.

To read this article in full or to leave a comment, please click here

Image Encryption Research based on Key Extracted from Iris Feature
The encryption algorithm has disadvantages like the long key making memory difficult and uneasy safekeeping, which causes a potential threat to the information security. Therefore,...
Critical BIND denial-of-service flaw could disrupt large portions of the Internet

Attackers could exploit a new vulnerability in BIND, the most popular Domain Name System (DNS) server software, to disrupt the Internet for many users.

The vulnerability affects all versions of BIND 9, from BIND 9.1.0 to BIND 9.10.2-P2, and can be exploited to crash DNS servers that are powered by the software.

The Domain Name System is the Internet's phone book. It's used to convert domain and host names into numerical Internet Protocol (IP) addresses that computers need to communicate with each other. The DNS is made up of a global network of servers and a very large number of them run BIND, a software package developed and maintained by a nonprofit corporation called the Internet Systems Consortium (ISC).

To read this article in full or to leave a comment, please click here

Opponents focus on defeating CISA cyberthreat info-sharing bill

Opponents of a U.S. Senate bill intended to encourage businesses to share information about cyberthreats may have stalled a vote on the legislation.

Recent news reports had Senate Majority Leader Mitch McConnell pushing for a vote on the Cybersecurity Information Sharing Act (CISA) before a four-week summer recess starting Aug. 10, but a spokesman for the Kentucky Republican said Thursday there were no immediate plans for a vote.

fightforthefuture fax protest cisa Screenshot/Fight for the Future

Digital rights group Fight for the Future launched an old-school fax campaign opposing CISA, a cyberthreat sharing bill.

To read this article in full or to leave a comment, please click here

An Improved Anonymous Remote user Authentication Scheme with Key Agreement based on Dynamic Identity
To keep the pace with the development of internet technology, remote user authentication techniques become more and more important to protect user's privacy. Recently, the research...
A Chebyshev-Map Based One-Way Authentication and Key Agreement Scheme for Multi-Server Environment
One-way authentication and key agreement scheme can achieve strong user anonymity and transmitted data confidentiality over insecure public communication channel, which is very use...
OPM, Anthem hackers may also have breached United Airlines

The cyberespionage group that stole the personal records of millions of Americans from U.S. health insurer Anthem and the U.S. Office of Personnel Management (OPM) has also reportedly breached United Airlines.

The data stolen from United includes flight manifests, which contain information on passengers, their travel origins and destinations, Bloomberg reported Wednesday citing unnamed people familiar with the investigation.

The breach may have been discovered with the help of investigators in the OPM case who built a list of other potential victims after analyzing the domain names, phishing emails and attack infrastructure used by the group, the media organization reported.

To read this article in full or to leave a comment, please click here

Researchers develop astonishing Web-based attack on a computer's DRAM

Millions of Web users could be vulnerable to an attack on their computer's DRAM via the Web, a surprising development that expands on a bug that has increasingly worried computer security experts.

It has been known for several years that densely packed memory cells on computers are vulnerable to intentional interference. But a new research paper details how an attack could be conducted over the Web, dramatically increasing the danger to users.

The new paper, published by Austrian and French institutions, could prompt a new urgency among chipmakers to find a long-term solution to the so-called rowhammer problem.

To read this article in full or to leave a comment, please click here

Post Selected Items to:

Showing 10 items of 107

home  •   advertising  •   terms of service  •   privacy  •   about us  •   contact us  •   press release design by Popshop •   Official PR partner B2BLogger.com •   © 1999-2015 NewsKnowledge