Uncategorized – Page 59 – SSL and internet security news

Breaking RSA with a Quantum Computer

January 3, 2023 infossl

academic papers, china, cryptanalysis, cryptography, quantum computing, rsa, Security technology, Uncategorized

A group of Chinese researchers have just published a paper claiming that they can—although they have not yet done so—break 2048-bit RSA. This is something to take seriously. It might not be correct, but it’s not obviously wrong. We have long known from Shor’s algorithm that factoring with a quantum computer is easy. But it … Read More “Breaking RSA with a Quantum Computer” »

Friday Squid Blogging: Grounded Fishing Boat Carrying 16,000 Pounds of Squid

December 30, 2022 infossl

Security technology, squid, Uncategorized

Rough seas are hampering efforts to salvage the boat: The Speranza Marie, carrying 16,000 pounds of squid and some 1,000 gallons of diesel fuel, hit the shoreline near Chinese Harbor at about 2 a.m. on Dec. 15. Six crew members were on board, and all were rescued without injury by another fishing boat. […] However, … Read More “Friday Squid Blogging: Grounded Fishing Boat Carrying 16,000 Pounds of Squid” »

Recovering Smartphone Voice from the Accelerometer

December 30, 2022 infossl

academic papers, eavesdropping, Security technology, side-channel attacks, smartphones, Uncategorized

Yet another smartphone side-channel attack: “EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers“: Abstract: Eavesdropping from the user’s smartphone is a well-known threat to the user’s safety and privacy. Existing studies show that loudspeaker reverberation can inject speech into motion sensor readings, leading to speech eavesdropping. While more devastating attacks … Read More “Recovering Smartphone Voice from the Accelerometer” »

QR Code Scam

December 28, 2022 infossl

forgery, QR codes, scams, Security technology, Uncategorized

An enterprising individual made fake parking tickets with a QR code for easy payment. Powered by WPeMatico

Arresting IT Administrators

December 27, 2022 infossl

antivirus, cyberattack, law enforcement, patching, Security technology, Uncategorized

This is one way of ensuring that IT keeps up with patches: Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by alleged Iranian hackers. Prosecutors said the five IT officials of the public administration department had failed to check the … Read More “Arresting IT Administrators” »

LastPass Breach

December 26, 2022 infossl

breaches, cloud computing, data breaches, Password Safe, passwords, Security technology, Uncategorized

Last August, LastPass reported a security breach, saying that no customer information—or passwords—were compromised. Turns out the full story is worse: While no customer data was accessed during the August 2022 incident, some source code and technical information were stolen from our development environment and used to target another employee, obtaining credentials and keys which … Read More “LastPass Breach” »

Friday Squid Blogging: Injured Giant Squid and Paddleboarder

December 23, 2022 infossl

Security technology, squid, Uncategorized, video

Here’s a video—I don’t know where it’s from—of an injured juvenile male giant squid grabbing on to a paddleboard. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Hacking the JFK Airport Taxi Dispatch System

December 23, 2022 infossl

air travel, hacking, Security technology, transportation, Uncategorized

Two men have been convicted of hacking the taxi dispatch system at the JFK airport. This enabled them to reorder the taxis on the list; they charged taxi drivers $10 to cut the line. Powered by WPeMatico

Critical Microsoft Code-Execution Vulnerability

December 22, 2022 infossl

microsoft, patching, Security technology, Uncategorized, vulnerabilities, windows

A critical code-execution vulnerability in Microsoft Windows was patched in September. It seems that researchers just realized how serious it was (and is): Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, allows attackers to execute malicious code with no authentication required. Also, like EternalBlue, it’s wormable, meaning that a single exploit can trigger a … Read More “Critical Microsoft Code-Execution Vulnerability” »

Ukraine Intercepting Russian Soldiers’ Cell Phone Calls

December 21, 2022 infossl

cell phones, eavesdropping, iphone, russia, Security technology, smartphones, ukraine, Uncategorized

They’re using commercial phones, which go through the Ukrainian telecom network: “You still have a lot of soldiers bringing cellphones to the frontline who want to talk to their families and they are either being intercepted as they go through a Ukrainian telecommunications provider or intercepted over the air,” said Alperovitch. “That doesn’t pose too … Read More “Ukraine Intercepting Russian Soldiers’ Cell Phone Calls” »