Author: infossl

New SHA-1 Attack

Posted on By infossl
academicpapers, certifications, cryptography, encryption, forgery, impersonation, keys, pgp, Security technology, sha1

There’s a new, practical, collision attack against SHA-1: In this paper, we report the first practical implementation of this attack, and its impact on real-world security with a PGP/GnuPG impersonation attack. We managed to significantly reduce the complexity of collisions attack against SHA-1: on an Nvidia GTX 970, identical-prefix collisions can now be computed with … Read More “New SHA-1 Attack” »

USB Cable Kill Switch for Laptops

Posted on By infossl
dataprotection, falsepositives, hardware, linux, Security technology, securityengineering, theft

BusKill is designed to wipe your laptop (Linux only) if it is snatched from you in a public place: The idea is to connect the BusKill cable to your Linux laptop on one end, and to your belt, on the other end. When someone yanks your laptop from your lap or table, the USB cable … Read More “USB Cable Kill Switch for Laptops” »

Friday Squid Blogging: Giant Squid Video from the Gulf of Mexico

Posted on By infossl
Security technology, squid, video

Fantastic video: Scientists had used a specialized camera system developed by Widder called the Medusa, which uses red light undetectable to deep sea creatures and has allowed scientists to discover species and observe elusive ones. The probe was outfitted with a fake jellyfish that mimicked the invertebrates’ bioluminescent defense mechanism, which can signal to larger … Read More “Friday Squid Blogging: Giant Squid Video from the Gulf of Mexico” »

Chrome Extension Stealing Cryptocurrency Keys and Passwords

Posted on By infossl
blockchain, chrome, cryptocurrency, fraud, keys, passwords, Security technology, theft

A malicious Chrome extension surreptitiously steals Ethereum keys and passwords: According to Denley, the extension is dangerous to users in two ways. First, any funds (ETH coins and ERC0-based tokens) managed directly inside the extension are at risk. Denley says that the extension sends the private keys of all wallets created or managed through its … Read More “Chrome Extension Stealing Cryptocurrency Keys and Passwords” »

Hacking School Surveillance Systems

Posted on By infossl
generations, hacking, privacy, schools, Security technology, surveillance

Lance Vick suggesting that students hack their schools’ surveillance systems. “This is an ethical minefield that I feel students would be well within their rights to challenge, and if needed, undermine,” he said. Of course, there are a lot more laws in place against this sort of thing than there were in — say — … Read More “Hacking School Surveillance Systems” »

Chinese Hackers Bypassing Two-Factor Authentication

Posted on By infossl
china, hacking, rsa, Security technology, twofactorauthentication

Interesting story of how a Chinese state-sponsored hacking group is bypassing the RSA SecurID two-factor authentication system. How they did it remains unclear; although, the Fox-IT team has their theory. They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese actor then used on its computers to generate valid … Read More “Chinese Hackers Bypassing Two-Factor Authentication” »

ToTok Is an Emirati Spying Tool

Posted on By infossl
apple, eavesdropping, google, malware, phones, privacy, Security technology, smartphones, spyware, surveillance, unitedarabemirates

The smartphone messaging app ToTok is actually an Emirati spying tool: But the service, ToTok, is actually a spying tool, according to American officials familiar with a classified intelligence assessment and a New York Times investigation into the app and its developers. It is used by the government of the United Arab Emirates to try … Read More “ToTok Is an Emirati Spying Tool” »