#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
AI Security

RSA | Breaking Cybersecurity News | The Hacker News

Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage

Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage

Feb 22, 2024 Quantum Computing / Encryption
Apple has announced a new post-quantum cryptographic protocol called  PQ3  that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. "With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach what we call Level 3 security — providing protocol protections that surpass those in all other widely deployed messaging apps," Apple  said . The iPhone maker described the protocol as "groundbreaking," "state-of-the-art," and as having the "strongest security properties" of any cryptographic convention deployed at scale. PQ3 is the latest security guardrail erected by Apple in iMessage after it switched from  RSA  to Elliptic Curve cryptography ( ECC ), and by protecting encryption keys on devices with the Secure Enclave in 2019. While the current algorith
ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors

ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors

Aug 16, 2022
A group of researchers has revealed details of a new vulnerability affecting Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. Dubbed  ÆPIC Leak , the weakness is the first-of-its-kind to architecturally disclose sensitive data in a manner that's akin to an "uninitialized memory read in the CPU itself." "In contrast to transient execution attacks like  Meltdown and Spectre ,  ÆPIC Leak  is an architectural bug: the sensitive data gets directly disclosed without relying on any (noisy) side channel," the academics said. The study was conducted by researchers from the Sapienza University of Rome, the Graz University of Technology, Amazon Web Services, and the CISPA Helmholtz Center for Information Security. The vulnerability ( CVE-2022-21233 , CVSS score: 6.0), which affects CPUs with Sunny Cover microarchitecture, is rooted in a component called Advanced Programmable Interrupt Controller ( APIC ), wh
HUMINT: Diving Deep into the Dark Web

HUMINT: Diving Deep into the Dark Web

Jul 09, 2024Cybercrime / Dark Web
Discover how cybercriminals behave in Dark Web forums- what services they buy and sell, what motivates them, and even how they scam each other. Clear Web vs. Deep Web vs. Dark Web Threat intelligence professionals divide the internet into three main components: Clear Web - Web assets that can be viewed through public search engines, including media, blogs, and other pages and sites. Deep Web - Websites and forums that are unindexed by search engines. For example, webmail, online banking, corporate intranets, walled gardens, etc. Some of the hacker forums exist in the Deep Web, requiring credentials to enter. Dark Web - Web sources that require specific software to gain access. These sources are anonymous and closed, and include Telegram groups and invite-only forums. The Dark Web contains Tor, P2P, hacker forums, criminal marketplaces, etc. According to Etay Maor, Chief Security Strategist at Cato Networks , "We've been seeing a shift in how criminals communicate and co
Expert Insights
Cybersecurity Resources