Cryptography
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
A ransomware variant dubbed "Abyss Locker" has been observed targeting Microsoft Windows and Linux platforms. The Abyss Locker ransomware is believed to be based on the HelloKitty ransomware source code. It steals and encrypts victims' files, demanding ransom for decryption and preventing the release of stolen data. The ransomware's severity level is classified as high, showcasing the urgency of addressing this issue.
The Linux Foundation recently announced the launch of the Post-Quantum Cryptography Alliance (PQCA). This open and collaborative initiative aims to address the security challenges posed by quantum computing through the development and adoption of post-quantum cryptography.
Start-up MagiQ Technologies, from Somerville, Massachusetts, has released the first commercial implementation of quantum cryptography, the much-heralded solution to the perfect encryption cipher. Theoretically, encryption ciphers created using quantum physics are unbreakable. . .
A new decryptor has been created for Babuk Tortilla ransomware victims, which will be included in a generic Babuk Decryptor that will contain all Babuk keys currently available. Let's examine the threat that Babuk ransomware poses to your systems and how to recover encrypted files should you fall victim to an attack.
Boot security has become an increasingly important topic in recent years as threats against system integrity continue to evolve. Secure Boot is a security standard developed to provide protection against such threats by validating the integrity of boot software. With Secure Boot, security is enforceable during the boot process rather than relying solely on the operating system. This helps prevent malicious software from embedding itself early in the boot process, providing an additional layer of defense against low-level attacks.
The Linux version of Qilin, a new ransomware strain that debuted in January, has been spotted in the wild. It's also one of the first ransomware families to target VMware ESXi.
This Wired story describes the recent contest created to decipher 10 increasingly difficult codes set by author Simon Singh in his international bestseller The Code Book. Quite interesting. There's also the step-by-step analysis of what the Swedish cryptographers did in their . . .
A new software-based fault injection attack, CacheWarp, can let threat actors hack into AMD SEV-protected virtual machines by targeting memory writes to escalate privileges and gain remote code execution.
Rijndael becomes the new data encryption standard beating out Schneier, IBM, and others. This DejaNews thread talks about the announcement of the winner of the new encryption standard. The Rijndael home page also provides some interesting . . .
The following text describes a security hole in the encrypted loop device for linux. Because of it, an attacker is able to modify the content of the encrypted device without being detected. This text proposes to fix the hole by authenticating the device.. . .
This issue, we have reports of FreeS/WAN running on the Sharp Zaurus (item 1) and having a few small issues with RedHat 8.0 (item 2). Claudia Schmeing has posted a new revision of our interoperation document (item 3). Item 4 has a great discussion on the use of routing protocols with FreeS/WAN.. . .
Original papers are solicited on all aspects of financial data security and digital commerce for submission to the Sixth Annual Conference on Financial Cryptography (FC '02). FC '02 brings together researchers in the financial, legal, cryptologic, and data security fields to foster cooperation and exchange of ideas.. . .
I received a phone call today from a lady with the U.S. Bureau of Export Administration (BXA) who'd read my AEScrypt page (the URL of which I'd submitted to them for an export license exemption as required by U.S. . . .
Several fake cryptography applications have appeared on Canonical's Snap Store. These web application security vulnerabilities seek to steal user funds and inflict other damaging data and network security issues. Canonical is investigating the matter, and access is restricted while investigating the risky cryptography today.
GitHub has officially rolled out its passkeys security feature for general availability, following a two-month beta testing phase. Passkeys introduce a cloud-synced authentication system using cryptographic key pairs, allowing users to access websites and applications using their screen-lock PIN, biometrics, or physical security key.
Linux 6.4 or newer paired with the latest cryptsetup development code has landed support for the OPAL specification for self-encrypting drives.
The Monti ransomware was found in June 2022 that attracted notice due to its close resemblance to the Conti ransomware, both in name and tactics, drawing attention from cybersecurity experts and organizations.
A security engineer at Linux distro maker SUSE has published an advisory for a flaw in the Mozilla VPN client for Linux that has yet to be addressed in a publicly released fix because the disclosure process went off the rails.
The Abyss Locker operation is the latest to develop a Linux encryptor to target VMware's ESXi virtual machines platform in attacks on the enterprise.
A ransomware operation known as Akira has been seen encrypting VMware ESXi virtual machines using a Linux encryptor after a couple of months of targeting Windows systems.
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.