Category: passwords

Auto Added by WPeMatico

Compromising the Secure Boot Process

Posted on By infossl
cryptography, encryption, keys, passwords, Security technology, supply chain, Uncategorized, vulnerabilities

This isn’t good: On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than 200 device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022. In a public GitHub repository committed in December … Read More “Compromising the Secure Boot Process” »

Breaking a Password Manager

Posted on By infossl
bitcoin, cryptocurrency, passwords, Security technology, Uncategorized

Interesting story of breaking the security of the RoboForm password manager in order to recover a cryptocurrency wallet password. Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pseudo-random number generator used to generate passwords in that version­and subsequent … Read More “Breaking a Password Manager” »

The UK Bans Default Passwords

Posted on By infossl
botnets, Internet of Things, passwords, Security technology, uk, Uncategorized

The UK is the first country to ban default passwords on IoT devices. On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by default are still permitted. The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new … Read More “The UK Bans Default Passwords” »

Canadian Citizen Gets Phone Back from Police

Posted on By infossl
cell phones, courts, law enforcement, passwords, phones, Security technology, Uncategorized

After 175 million failed password guesses, a judge rules that the Canadian police must return a suspect’s phone. [Judge] Carter said the investigation can continue without the phones, and he noted that Ottawa police have made a formal request to obtain more data from Google. “This strikes me as a potentially more fruitful avenue of … Read More “Canadian Citizen Gets Phone Back from Police” »

Cisco Can’t Stop Using Hard-Coded Passwords

Posted on By infossl
cisco, passwords, Security technology, Uncategorized, vulnerabilities

There’s a new Cisco vulnerability in its Emergency Responder product: This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow … Read More “Cisco Can’t Stop Using Hard-Coded Passwords” »

Using Hacked LastPass Keys to Steal Cryptocurrency

Posted on By infossl
cryptocurrency, operational security, Password Safe, passwords, Security technology, Uncategorized

Remember last November, when hackers broke into the network for LastPass—a password database—and stole password vaults with both encrypted and plaintext data for over 25 million users? Well, they’re now using that data break into crypto wallets and drain them: $35 million and counting, all going into a single wallet. That’s a really profitable hack. … Read More “Using Hacked LastPass Keys to Steal Cryptocurrency” »

Practice Your Security Prompting Skills

Posted on By infossl
games, LLM, passwords, Security technology, Uncategorized

Gandalf is an interactive LLM game where the goal is to get the chatbot to reveal its password. There are eight levels of difficulty, as the chatbot gets increasingly restrictive instructions as to how it will answer. It’s a great teaching tool. I am stuck on Level 7. Feel free to give hints and discuss … Read More “Practice Your Security Prompting Skills” »