• Search for:
    23Dec, 2023
    Crypto Exchange Hack Guilty Plea, Rating AI Vulnerabilities, Intellexa Spyware 

    SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

    We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

    Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

    Here are this week’s stories:  

    Ukrainian hackers target major Russian water utility 

    In revenge for the recent Russian attack on Kyivstar, Ukraine’s largest mobile network operator, Ukrainian hackers claim to have launched an attack on Rosvodokanal, the largest private water utility in Russia. The hackers claim to have stolen documents, encrypted 6,000 computers, and deleted 50 Tb of data, disrupting operations. Rosvodokanal is responsible for providing water to millions of consumers, but there do not appear to be any reports of the water supply being impacted by the attack. 

    Former security engineer admits hacking two cryptocurrency exchanges

    The US Justice Department announced that Shakeeb Ahmed has pleaded guilty to hacking two decentralized cryptocurrency exchanges, stealing over $12 million worth of cryptocurrency. The attacks were carried out in 2022 and targeted Nirvana Finance and Crema Finance. The DOJ described Ahmed as a former security engineer at an international technology company, which appears to be Amazon.

    Apple and Adobe patches

    Apple and Adobe have each released patches for a single vulnerability. Apple released macOS Sonoma 14.2.1 to address a WindowServer issue that involved content being unintentionally exposed when users shared their screen. Adobe released an Experience Manager Forms update to address an Apache Struts vulnerability that has been exploited in the wild

    Hundreds of TeamCity instances still vulnerable to attacks

    Hundreds of TeamCity instances are vulnerable to attacks exploiting CVE-2023-42793, according to Censys. The Russian cyberespionage group known as APT29 has been exploiting the vulnerability on a large scale since September 2023, according to government agencies.

    GWT vulnerability remains unpatched 8 years after discovery

    A potentially serious vulnerability affecting GWT, a popular open source web application framework, remains unpatched eight years after it was discovered, according to Bishop Fox. The flaw can expose application owners to unauthenticated server-side code execution. There have been several discussions on the security hole since 2015, but it still has not been fixed. Bishop Fox has published a blog post describing how the vulnerability can be exploited and how developers can check if their GWT-based application is affected. 

    AI vulnerability rating taxonomy for LLMs

    Bug bounty platform Bugcrowd has updated its Vulnerability Rating Taxonomy (VRT) to define how AI vulnerabilities in Large Language Models (LLMs) are classified, reported, and prioritized on its platform in an effort to enable hackers and customers to have a shared understanding of how these types of flaws are handled. 

    Payment fraud underground shows signs of recovery 

    Recorded Future has published its 2023 Payment Fraud report, which reveals that the payment fraud underground is showing signs of recovery following Russia’s crackdown on domestic cybercriminals and its invasion of Ukraine. The report also shows that the volume of stolen payment cards on carding shops has started to rebound. A total of 119 million cards were offered for sale, with a median fraud charge of $79. 

    Google shuts down thousands of YouTube channels 

    Google has terminated thousands of YouTube channels as part of investigations into influence campaigns linked to China, Russia, and Iran. Ads accounts, domains, and other resources linked to these campaigns were also blocked. Hundreds of YouTube accounts linked to campaigns in Turkey, Azerbaijan, Ethiopia, and Sudan also got the ax. 

    Intellexa and its Alien/Predator spyware products

    Cisco has published a new report detailing the evolution of Intellexa, ‘an intelligence agency-grade spyware vendor’ that emerged from the ashes of Cytrox, after it was bought. The report also dives into the vendor’s Alien/Predator line of implants, which were found to persist device reboots. 

    CISA finalizes Microsoft 365 secure configuration guidance

    US cybersecurity agency CISA announced that the final version of its Microsoft 365 Secure Configuration Baselines guidance, which includes input from a public comment period, is now available to the public. The guidance, which aims to help organizations improve the security and resilience of their M365 services, is accompanied by an updated SCuBAGear tool, enabling interested parties to assess their M365 services against CISA’s baselines.

    Resource : https://www.securityweek.com/in-other-news-crypto-exchange-hack-guilty-plea-rating-ai-vulnerabilities-intellexa-spyware/

    31May, 2023
    IBM Delivers Roadmap for Transition to Quantum-safe Cryptography

    IBM has introduced a quantum-safe roadmap to help the complex organizational transition to post-quantum cryptography at this year’s annual Think conference.

    There are deadlines by which federal agencies must complete the transition to quantum-safe cryptography. Business is expected to follow the same path, but it is a long and difficult route. IBM has developed a three-stage solution it calls the IBM Quantum Safe Roadmap.

    “This roadmap serves as a commitment to transparency, predictability, and confidence as we guide industries along their journey to post-quantum cryptography. There’s a lot happening at once — new algorithms, standards, best practices, and guidance from federal agencies. We hope that this roadmap will serve as a navigational tool through this complex landscape,” it announced.

    The background is the assumption that much of our current cryptography will be easily cracked with the arrival of cryptographically relevant quantum computers, which are expected earlier than general-purpose quantum computers. Even though this may be several or even many years in the future, encrypted confidential data stolen by nation-state or criminal gangs now will become readable at that time. Quantum safety is a pressing concern.

    NIST has been running a competition to develop new algorithms capable of withstanding decryption by quantum computers. In July 2022, it announced that it had selected four algorithms for standardization (three of which were developed with IBM involvement). These standards will be published and become official in 2024.

    In November 2022, the OMB issued a Memorandum on Migrating to Post-Quantum Cryptography, including details with timelines on the steps required of federal agencies. “This memorandum describes preparatory steps for agencies to undertake as they begin their transition to PQC by conducting a prioritized inventory of cryptographic systems,” it announced.

    The IBM Quantum Safe Roadmap is designed to help both federal agencies and business enterprises meet both the requirements and the deadlines for quantum safe cryptography.

    The roadmap comprises three separate products – two of which are available now, with the third currently in its first generation but timed to be fully available at the time it is needed. The three products are Quantum Safe Explorer, Quantum Safe Advisor, and Quantum Safe Remediator. These three products correspond to the discover, observe, and transform stages of the roadmap.

    The Explorer enables organizations to scan source and object code to locate cryptographic assets, dependencies, and vulnerabilities. The result is what IBM calls a cryptography bill of materials (CBOM), aggregating all relevant details into a single location.

    The Advisor creates a dynamic view of the cryptographic inventory to guide remediation, and analyzes cryptographic posture and compliance to prioritize risks.

    The Remediator enables organizations to deploy and test best practice-based quantum-safe remediation patterns to understand the potential impacts on systems and assets as they prepare to deploy quantum-safe solutions. “It allows you to work with different quantum-safe algorithms, certificates and key management services,” says IBM. “It also helps you achieve crypto agility so that you can quickly adapt to changing policies and threats without significant operational or budgetary implications.”

    In 2025, the NSA will require national security systems to prefer quantum-safe algorithms while configuring their systems. Use of such algorithms will become mandatory for commercial products used in these systems, meaning that within two years, organizations working with the federal government will need to begin their quantum-safe transition. “By then,” says IBM, “Remediator will offer a hybrid approach, enabling traditional as well quantum-safe cryptography.”

    The complexity of transitioning to quantum-safe cryptography within prescribed timelines means the urgency is already here. 

    “As the era of quantum computing quickly approaches reality, it is imperative that quantum-safe technologies are also deployed to protect today’s classical systems and data,” comments Patrick Moorhead, CEO and founder of Moor Insights and Strategy. “What the world needs to secure data for the quantum age is expertise in world-class quantum technology and advanced cryptography, alongside decades of product development experience for critical infrastructure. These pillars are where I believe IBM excels, and now with a quantum-safe roadmap to lead the industry and new technologies to simplify migration, I look forward to seeing the advancement of quantum-safe journeys globally.” 

    Resource : https://www.securityweek.com/ibm-delivers-roadmap-for-transition-to-quantum-safe-cryptography/

    15Nov, 2022
    What is Quantum Cryptography?

    We will discover ‘What is Quantum Cryptography?’ in this blog. It is a safe method of communicating when two or more people trade encryption keys. This approach uses the principles of quantum theory to exchange encryption techniques securely and consistently. Maybe because it is sophisticated, quantum cryptography looks to be difficult. We made an effort to make it easier for you.

    Cryptography

    Cryptography is the practice of hiding or encoding data so that only the intended recipient can decipher it. For thousands of years, people have been using cryptography to symmetric encryption, and it is still used today in e-commerce, card payments, and password protection.

    Take a quick look at the topics this blog will cover.

    Table of Content:

    What is meant by Quantum Cryptography?

    Cryptography is the process of encrypting data or turning plain text into scrambled text that can only be read by a person with the right “key.” By extension, quantum cryptography merely uses the unbreakable encryption and transmission techniques provided by quantum physics.

    The intricacy of quantum cryptography, despite the definition’s seeming simplicity, resides in the quantum physics concepts that underlie it. These concepts include:

    • The particles that make up the universe are fundamentally ambiguous and can exist simultaneously in different places or states.
    • One of two quantum states is randomly chosen for photon generation.
    • It is impossible to measure a quantum attribute without altering or disturbing it.
    • A particle’s quantum properties can be duplicated, but not the entire particle.
    • These ideas all have implications for quantum cryptography.

    Two parties can create and share a key with QKD, which can then be used to encrypt and decrypt messages. Instead of the key itself or the communications it enables users to transmit, QKD refers to the distribution technique for the key.

    Want to learn Cyber Security? What’s better than to get an overview just a click away, do check out our Cyber Security Tutorial!

    QKD’s History

    The idea for quantum cryptography was first put up by Stephen Wiesner of Columbia University in the 1970s with his quantum conjugate coding proposal. In 1983, Wiesner’s paper was published. Based on Wiesner’s research, Charles H. Bennett later developed the idea of secure communication. Additionally, Bennett developed the first nonorthogonal state quantum cryptography technique, BB84. In 1990, Artur Ekert also created a different QKD technique based on quantum entanglement.

    What is the distinction between post-quantum and quantum cryptography?

    • Post-quantum cryptography is the name given to cryptographic algorithms that are believed to be secure from a quantum computer attack. These algorithms are mainly public-key algorithms. In months or even years, conventional computers can solve these challenging mathematical equations. In contrast, mathematically based systems will be quickly broken by quantum computers executing Shor’s algorithm.
    • Quantum cryptography, which is entirely unhackable, uses quantum mechanics to convey private messages, in contrast to classical cryptography.

    How does Quantum Cryptography Work?

    • Fiber optic connections are used by QKD to transmit photons, or beams, among entities. When delivered collectively, the various quantum states of the individual photons create a flow of ones and zeros.
    • Qubits are the numerical counterpart of bits in this torrent of quantum systems that are made up of zeroes and ones. A diffraction pattern forces a beam to enter a photon collectors by one of two routes once it arrives at its destination.
    • The transmitter will then contrast the received data to the emitters, who would have emitted each particle, to determine the order of photons that were sent.
    • The erroneous beam collector discards photons, leaving just a particular bit pattern. Then, you may use this bit pattern as a key to encrypt data. The error – correcting method and other comment steps ensure that there are no errors or data leaks.
    • Another post-processing step that eliminates whatever knowledge an eavesdropper might have gained about the ultimate private key is postponed security amplification.
    • Prepare-and-measure protocols and Entanglement-based protocols are the two main typical kinds of QKD. Detection of unidentified quantum states is the main goal of prepare-and-measure techniques.
    • This protocol has the ability to identify eavesdropping attempts and estimate the volume of data that might have been intercepted.
    • Protocols based on entanglement deal with quantum states when two items are connected to create a single quantum state.
    • According to tangling, evaluating one thing will have an impact on the other. The other partners will be alerted if an unauthorized user takes charge to a formerly trusted device and makes changes.
    • The computer is altered by the very act of trying to view photons, making an incursion observable through the use of quantum coherence or quantum quantum states.
    • There are two further types of QKD: discrete variable QKD (DV-QKD) and continuous variable QKD (CV-QKD). With DV-QKD, quantum states will be measured using a photon detector and quantum information will be encoded in variables.
    • The BB84 protocol is exemplified by the DV-QKD protocol. CV-QKD encrypts quantum entanglement on the phase and amplitude regions of a laser prior to emitting light to a receiver. This approach is used by the Silberhorn protocol.

    Here are some examples of QKD protocols:

    • Decoy state
    • BB84
    • E91
    • Silberhorn
    • KMB09

    Difficulties in Quantum Cryptography

    The usage of QKD in the first place, the distance photons can travel, and integrating QKD devices into the existing infrastructure are the three main problems facing the technology.

    It is currently challenging to set up the proper infrastructure for QKD. Even though single photon detector problems make QKD insecure in practise, the theory of the technique is entirely secure. Consideration of security analysis is essential.

    The fact that QKD depends on an already-existing channel of communication that has been classically authenticated is one of the biggest hurdles. This indicates a sufficient level of security because at least one person has already exchanged a symmetric key. Without using QKD, another cutting-edge encryption method can be employed to protect a system.

    Conclusion

    In order to boost QKD’s overall effective distance and high data rates, new technology is constantly being developed. QKD is being used increasingly frequently in commercial settings as a result of new networks and businesses providing commercial QKD solutions.

    Resource : https://intellipaat.com/blog/what-is-quantum-cryptography/