Informations about SSL certificates and networks security
DiceKeys is a physical mechanism for creating and storing a 192-bit key. The idea is that you roll a special set of twenty-five dice, put them into a plastic jig, and then use an app to convert those dice into a key. You can then use that key for a variety of purposes, and regenerate … Read More “DiceKeys” »
Rhode Island has an official state appetizer, and it’s calamari. Who knew? As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Sound waves through the body are unique enough to be a biometric: “Modeling allowed us to infer what structures or material features of the human body actually differentiated people,” explains Joo Yong Sim, one of the ETRI researchers who conducted the study. “For example, we could see how the structure, size, and weight of the … Read More “Yet Another Biometric: Bioacoustic Signatures” »
Researchers are using recordings of keys being used in locks to create copies. Once they have a key-insertion audio file, SpiKey’s inference software gets to work filtering the signal to reveal the strong, metallic clicks as key ridges hit the lock’s pins [and you can hear those filtered clicks online here]. These clicks are vital … Read More “Copying a Key by Listening to It in Action” »
Interesting paper: “How weaponizing disinformation can bring down a city’s power grid“: Abstract: Social media has made it possible to manipulate the masses via disinformation and fake news at an unprecedented scale. This is particularly alarming from a security perspective, as humans have proven to be one of the weakest links when protecting critical infrastructure … Read More “Using Disinformation to Cause a Blackout” »
Interesting story of a vaccine for the Emotet malware: Through trial and error and thanks to subsequent Emotet updates that refined how the new persistence mechanism worked, Quinn was able to put together a tiny PowerShell script that exploited the registry key mechanism to crash Emotet itself. The script, cleverly named EmoCrash, effectively scanned a … Read More “Vaccine for Emotet Malware” »
A group of researchers set up a telephony honeypot and tracked robocall behavior: NCSU researchers said they ran 66,606 telephone lines between March 2019 and January 2020, during which time they said to have received 1,481,201 unsolicited calls — even if they never made their phone numbers public via any source. The research team said … Read More “Robocall Results from a Telephony Honeypot” »
Scientists have edited the genome of the Doryteuthis pealeii squid with CRISPR. A first. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
Interesting paper on recent hack-and-leak operations attributed to the UAE: Abstract: Four hack-and-leak operations in U.S. politics between 2016 and 2019, publicly attributed to the United Arab Emirates (UAE), Qatar, and Saudi Arabia, should be seen as the “simulation of scandal” – deliberate attempts to direct moral judgement against their target. Although “hacking” tools enable … Read More “UAE Hack and Leak Operations” »
Mike Stay broke an old zipfile encryption algorithm to recover $300,000 in bitcoin. DefCon talk here. Powered by WPeMatico