Search results for Encryption-Base | Breaking Cybersecurity News | The Hacker News

A Senior cryptography expert has claimed multiple issues with PGP email encryption - an open source end-to-end encryption  to secure email. Before continuing, I would like to clarify that covering this topic doesn't mean you should stop using PGP encryption , instead we are bringing to you what Security researcher has argued about its fundamental implications.  PGP or Pretty Good Privacy , a program written in 1991, uses symmetric public key cryptography and hashing that allow both Privacy and Security , as well as Authenticity . Privacy and Security ensure users to exchange messages securely and Authenticity proves the origin of those messages. But PGP is a complicated multi-step process, which requires users to keep track of the public keys of other users in order to communicate. Despite clumsiness of the PGP implementation, the popular Internet giants such as Google and Yahoo! have looked forward to integrate it into their popular email services. A respected research p...

A team of academic researchers—who previously made the headlines earlier this year for uncovering severe security issues in the 4G LTE and 5G networks —today presented a new attack called ' ReVoLTE ,' that could let remote attackers break the encryption used by VoLTE voice calls and spy on targeted phone calls. The attack doesn't exploit any flaw in the Voice over LTE (VoLTE) protocol; instead, it leverages weak implementation of the LTE mobile network by most telecommunication providers in practice, allowing an attacker to eavesdrop on the encrypted phone calls made by targeted victims. VoLTE or Voice over Long Term Evolution protocol is a standard high-speed wireless communication for mobile phones and data terminals, including Internet of things (IoT) devices and wearables, deploying 4G LTE radio access technology. The crux of the problem is that most mobile operators often use the same keystream for two subsequent calls within one radio connection to encrypt th...

5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud infrastructure. 5G networks are a critical part of all infrastructure layers between the end user and the end service; these networks transmit sensitive data that can be vital for governments and businesses, not to mention individuals. As a result, 5G networks are a prime target for attackers. For this reason, cybersecurity has been a key consideration in developing the 5G standard. 5G encompasses robust security features that guarantee confidentiality, integrity, and availability of network services and user data. In this article, Seva Vayner, Product Owner of  Gcore's Edge Cloud service , gives a deep dive into five of 5 G's cutting-edge security measures. He also delves into the pivotal performance capabilities of 5G, accompanied by use cases that demonstrate how contemporary, cloud...

At the 27th Chaos Communication Congress ( 27C3 ) hacker conference, security researchers demonstrated how open source software on a number of revamped, entry-level cell phones can decrypt and record mobile phone calls in the GSM network. Using a normal laptop and a homemade monitoring device, team leader Karsten Nohl of Berlin's  Security Research Labs  explained that GSM mobile communications can be decrypted in "around 20 seconds." He said his team was able to record and playback entire conversations in plain text. Last year, Nohl and his team showed how they managed to crack the A5/1 encryption algorithm used in GSM, in three months using 40 distributed computers. Since then, he says his team has considerably improved the rainbow tables needed for the attack; the tables are once again available from the BitTorrent peer-to-peer network. Nohl says he has also made a lot of progress with the other hardware and software needed for the attack. Furthermore, the scenar...

AWS Bedrock is Amazon's platform for building AI-powered applications. It gives developers access to foundation models and the tools to connect those models directly to enterprise data and systems. That connectivity is what makes it powerful – but it’s also what makes Bedrock a target. When an AI agent can query your Salesforce instance, trigger a Lambda function, or pull from a SharePoint knowledge base, it becomes a node in your infrastructure - with permissions, with reachability, and with paths that lead to critical assets. The XM Cyber threat research team mapped exactly how attackers could exploit that connectivity inside Bedrock environments. The result: eight validated attack vectors spanning log manipulation, knowledge base compromise, agent hijacking, flow injection, guardrail degradation, and prompt poisoning. In this article, we’ll walk through each vector - what it targets, how it works, and what an attacker can reach on the other side. The Eight Vectors The XM ...

The threat actors behind the  8Base ransomware  are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has recorded an increase in activity carried out by the cybercriminals. “Most of the group’s Phobos variants are distributed by SmokeLoader, a backdoor trojan," security researcher Guilherme Venere said in an exhaustive  two-part   analysis  published Friday. "This commodity loader typically drops or downloads additional payloads when deployed. In 8Base campaigns, however, it has the ransomware component embedded in its encrypted payloads, which is then decrypted and loaded into the SmokeLoader process’ memory." 8Base came into sharp focus in mid-2023, when a similar spike in activity was observed by the cybersecurity community. It’s said to be active at least since March 2022. A  previous analysis  from VMware Carbon Black in June 2023 identified parallels betw...

A set of five security vulnerabilities have been disclosed in the Terrestrial Trunked Radio ( TETRA ) standard for radio communication used widely by government entities and critical infrastructure sectors, including what's believed to be an intentional backdoor that could have potentially exposed sensitive information. The issues, discovered by Midnight Blue in 2021 and held back until now, have been collectively called  TETRA:BURST . There is no conclusive evidence to determine that the vulnerabilities have been exploited in the wild to date. "Depending on infrastructure and device configurations, these vulnerabilities allow for real time decryption, harvest-now-decrypt-later attacks, message injection, user deanonymization, or session key pinning," the Netherlands-based cybersecurity company  said . Standardized by the European Telecommunications Standards Institute (ETSI) in 1995, TETRA is used in more than 100 countries and as a police radio communication system ...

A notable number of cell phone towers around the United States are rogue that, according to latest report, could spoof legitimate towers and intercept calls. The research carried out by ESD America , a defense and law enforcement technology firm based in Las Vegas, shows that a rogue cell phone towers, also known as "interceptors", may process the call. ESD America, the company that makes the super-secure CryptoPhone, makes one of the oldest and most expensive high-security cell phones in the market. It provides equipment and training to more than 40 countries with a goal to provide technical security assistance to government and corporate clients across Asia. SEVERAL ROGUE CELL PHONE TOWERS DISCOVERED While field-testing its secure Android handset, the CryptoPhone 500 , the firm came across the existence of a series of fake base stations along the Eastern seaboard of the US. Les Goldsmith, the CEO of ESD America, told the US publication Popular Science tha...

Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across Windows, Linux, and ESXi variants that renders recovery impossible even for the threat actors. The fact that VECT's locker permanently destroys large files rather than encrypting them means even victims who opt to pay the ransom cannot get their data back, as the decryption keys are discarded by the malware during the time encryption occurs. "VECT is being marketed as ransomware, but for any file over 131KB – which is most of what enterprises actually care about – it functions as a data destruction tool," Eli Smadja, group manager at Check Point Research, said in a statement shared with The Hacker News. "CISOs need to understand that in a VECT incident, paying is not a recovery strategy. There is no decrypter that can be handed over, not because the attackers are unwilling, but beca...

Chainguard, the trusted source for open source, has a unique view into how modern organizations actually consume open source software and where they run into risk and operational burdens. Across a growing customer base and an extensive catalog of over 1800 container image projects, 148,000 versions, 290,000 images, and 100,000 language libraries, and almost half a billion builds, they can see what teams pull, deploy, and maintain day-to-day, along with the vulnerabilities and remediation realities that come hand in hand.  That’s why they created The State of Trusted Open Source , a quarterly pulse on the open source software supply chain. As they analyzed anonymized product usage and CVE data, the Chainguard team noticed common themes around what open source engineering teams are actually building with and the risks associated.  Here’s what they found:  AI is reshaping the baseline stack: Python led the way as the most popular open source image among Chainguard’s glo...

If your mobile carrier offers LTE, also known as the 4G network, you need to beware as your network communication can be hijacked remotely. A team of researchers has discovered some critical weaknesses in the ubiquitous LTE mobile device standard that could allow sophisticated hackers to spy on users' cellular networks, modify the contents of their communications, and even can re-route them to malicious or phishing websites. LTE, or Long Term Evolution, is the latest mobile telephony standard used by billions of people designed to bring many security improvements over the predecessor standard known as Global System for Mobile (GSM) communications. However, multiple security flaws have been discovered over the past few years, allowing attackers to intercept user's communications, spy on user phone calls and text messages, send fake emergency alerts, spoof location of the device and knock devices entirely offline. 4G LTE Network Vulnerabilities Now, security researchers...

The U.S. Department of Health and Human Services (HHS) has cautioned of ongoing Royal ransomware attacks targeting healthcare entities in the country. "While most of the known ransomware operators have performed Ransomware-as-a-Service, Royal appears to be a private group without any affiliates while maintaining financial motivation as their goal," the agency's Health Sector Cybersecurity Coordination Center (HC3)  said  [PDF]. "The group does claim to steal data for double-extortion attacks, where they will also exfiltrate sensitive data." Royal ransomware, per  Fortinet FortiGuard Labs , is said to be active since at least the start of 2022. The malware is a 64-bit Windows executable written in C++ and is launched via the command line, indicating that it involves a human operator to trigger the infection after obtaining access to a targeted environment. Besides deleting volume shadow copies on the system, Royal utilizes the OpenSSL cryptographic library ...

The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors. Monti  emerged  in June 2022, weeks after the Conti ransomware group shut down its operations, deliberately imitating the tactics and tools associated with the latter, including its leaked source code. Not anymore. The new version, per Trend Micro, is a departure of sorts, exhibiting significant changes from its other Linux-based predecessors. "Unlike the earlier variant, which is primarily based on the leaked Conti source code, this new version employs a different encryptor with additional distinct behaviors," Trend Micro researchers Nathaniel Morales and Joshua Paul Ignacio  said . A  BinDiff analysis  has revealed that while the older iterations had a 99% similarity rate with Conti, the latest version has only a 29% similarity rate, suggesting an overhaul. Some of the cruc...

German Hacker Cracks GSM Call Encryption Code A German computer boffin has worked out a way to crack code used to encrypt most of the world's mobile Internet traffic. Karsten Nohl is going to publish a guide to prompt global operators to improve their safeguards. Karsten Nohl and his team of 24 hackers began working on the security algorithm for GSM (Global System for Mobiles) in August.Developed in 1988, the system prevents the interception of calls by forcing phones and base stations to change frequencies constantly. Most of the UK's mobile phones use the GSM system and the breach represents a potential threat to the security of mobile phone communication. The discovery of a way to eavesdrop so-called General Packet Radio Service (GPRS) technology allows a user to read emails and observe the Internet use of a person whose phone is hacked, said Karsten Nohl, head of Security Research Labs." With our technology we can capture GPRS data communications in a radius of 5...