Cryptography - Page 2Cryptography - Page 2.35 - Results from #27

Discover Cryptography News

Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The first-ever Linux variant of the Clop ransomware has been detected in the wild, but with a faulty encryption algorithm that has made it possible to reverse engineer the process.

LinuxSecurity.com Team
Feb 13, 2023

Clop Ransomware Flaw Allowed Linux Victims to Recover Files for Months

The Clop ransomware gang is now also using a malware variant that explicitly targets Linux servers, but a flaw in the encryption scheme has allowed victims to quietly recover their files for free for months.

LinuxSecurity.com Team
Feb 07, 2023

Intel's "DOITM" Security Feature Not Intended For Always-On Use, Linux Patches To Be Revised

Last week I wrote about Linux developers evaluating a new "DOITM" security mitigation for the latest Intel CPUs. While the cost for now of engaging the Data Operand Independent Timing Mode (DOITM) functionality is minimal, following internal Intel engineering discussions it looks like the Linux kernel patches will need to be re-worked with this functionality not intended to always be enabled.

LinuxSecurity.com Team
Feb 06, 2023

Linux Will Now Better Handle AMD SEV-SNP To Avoid Undefined Behavior For Old VMs

Merged on Sunday prior to tagging Linux 6.2-rc6 is a late "fix" for the AMD Secure Encrypted Virtualization Secure Nested Paging (SEV-SNP) code to avoid possible situations of undefined behavior with difficult to debug issues where a modern Linux host with SEV-SNP may try booting a Linux virtual machine with an outdated kernel.

LinuxSecurity.com Team
Jan 30, 2023

20.Lock AbstractDigital Circular Esm H200

New Boldmove Linux Malware Used to Backdoor Fortinet Devices

Suspected Chinese hackers exploited a recently disclosed FortiOS SSL-VPN vulnerability as a zero-day in December, targeting a European government and an African MSP with a new custom 'BOLDMOVE' Linux and Windows malware.

LinuxSecurity.com Team
Jan 24, 2023

What is WireGuard?

The primary goal of any VPN is to create a secure encrypted tunnel for all your internet traffic by helping to shield it from hackers and others that want to take a peak, which may even include your ISP.

LinuxSecurity.com Team
Jan 19, 2023

Linux 6.3 To Support Pluton's CRB TPM2 On AMD Ryzen CPUs

If things go as planned, the TPM2 device found within Microsoft's Pluton security processor on the latest AMD Ryzen SoCs will be supported by Linux 6.3. The Microsoft Pluton security processor has been of concern to many Linux/open-source enthusiasts due to being a "black box" and plenty of unknowns around the provided root of trust, secure identity, secure attestation, and cryptographic services marketed by Pluton.

LinuxSecurity.com Team
Jan 17, 2023

Sigstore Announces the First Stable Release of Code and Certificate Signing Tool for Python

Sigstore community today announced the first stable release of sigstore-python, improving software supply chain security and paving the way for other client implementations of Sigstore that are in earlier stages.

LinuxSecurity.com Team
Jan 16, 2023

Latest IPFire Hardened Linux Firewall Distro Release Future-Proofs VPN Cryptography

IPFire developer Peter Müller announced today the general availability of IPFire 2.27 Core Update 172 as the latest stable release of this open-source hardened Linux firewall distribution for routers and firewalls bringing updates to VPN cryptography and updated components.

LinuxSecurity.com Team
Jan 02, 2023

Introducing Shufflecake: Plausible Deniability For Multiple Hidden Filesystems on Linux

Thursday the Kudelski Group's cybersecurity division released "a tool for Linux that allows creation of multiple hidden volumes on a storage device in such a way that it is very difficult, even under forensic inspection, to prove the existence of such volumes."

LinuxSecurity.com Team
Dec 14, 2022

Version 252 of systemd, As Expected, Locks Down the Linux Boot Process

The fall version of systemd is here, with support for increased boot security, including tightened full-disk encryption.

LinuxSecurity.com Team
Nov 09, 2022

OpenSSL Dodges a Security Bullet

The critical security vulnerability turned out to be two serious vulnerabilities. Still, they need patching ASAP.

LinuxSecurity.com Team
Nov 04, 2022

Microsoft's Lennart Poettering Proposes Tightening Up Linux Boot Process

Building your own initial RAMdisk? That's insecure!

LinuxSecurity.com Team
Oct 29, 2022

Incoming OpenSSL Critical Fix: Organizations, Users, Get Ready!

The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library (but does not affect OpenSSL versions before 3.0).

LinuxSecurity.com Team
Oct 28, 2022

Linux 6.1 Continues Improving The RNG & Crypto Code

The random number generator "RNG" and crypto subsystem pull requests have already been submitted for the Linux 6.1 merge window.

LinuxSecurity.com Team
Oct 22, 2022

WireGuard vs. OpenVPN: Which VPN Protocol Is Best for You?

WireGuard and OpenVPN keep you safe online, but which is best?

LinuxSecurity.com Team
Oct 09, 2022

Google Makes Public Their Open-Source PSP Security Protocol

Hearing "open-source", "PSP", and "security" all together got me excited with my initial reaction thinking it was about AMD's Platform Security Processor (PSP) albeit that's not the case here. Google's PSP is the "PSP Security Protocol" and is designed for dealing with cryptographic hardware offloading at data center scale and used by Google already in production.

LinuxSecurity.com Team
May 22, 2022

Serious Security: Linux full-disk encryption bug fixed – patch now!

Lots of people “run Linux” without really knowing or caring – many home routers, navigational aids, webcams and other IoT devices are based on it; the majority of the world’s mobile phones run a Linux-derived variant called Android; and many, if not most, of the ready-to-go cloud services out there rely on Linux to host your content.

LinuxSecurity.com Team
Jan 17, 2022

3 years, 17 alphas, 2 betas, and over 7,500 commits later, OpenSSL version 3 is here

The OpenSSL team has released version 3.0 of its secure communications library after a lengthy gestation period. What have we learned during that time? Quite a bit, it appears.

LinuxSecurity.com Team
Sep 09, 2021

Crowdsec Multi Server Installation With Https Esm H200

Improve The CrowdSec Multi-Server Installation With HTTPS Between Agents

Learn how to improve the security of the CrowdSec multi-server installation with HTTPS between agents.

LinuxSecurity.com Team
Sep 01, 2021

Cryptography - Page 2.35

Abyss Locker Ransomware Targets Linux & Windows Users

Linux Foundation Joins Post-Quantum Cryptography Alliance

New Decryption Key Available for Babuk Tortilla Ransomware Victims