March 7, 2024 at 11:39AM France-based Zama, an open source cryptography company, raised $73 million in a Series A funding round, led by Multicoin Capital and Protocol Labs. Zama focuses on fully homomorphic encryption (FHE), allowing processing of encrypted data without decryption. It aims to make FHE accessible to developers, with solutions for blockchain and … Read more
February 7, 2024 at 10:40AM A recent YouTube video demonstrated how a Raspberry Pi Pico can exploit a vulnerability to access a BitLocker-secured device in under a minute. The technique involves intercepting the unencrypted key passed between the TPM and CPU, using affordable components. While Microsoft acknowledges such attacks, mitigations can be implemented through the … Read more
January 9, 2024 at 11:47AM Researchers from Cisco Talos and the Dutch police obtained a decryption tool for the Tortilla variant of Babuk ransomware, leading to the arrest of the operator. This variant emerged after the original malware leaked. The threat actor targeted Microsoft Exchange servers using ProxyShell exploits. Avast released a decrypter for Babuk … Read more
December 3, 2023 at 04:11PM Security researchers discovered an advanced Linux encryptor made by the Qilin ransomware gang targeting VMware ESXi servers. This customizable encryptor focuses on virtual machine encryption and snapshot deletion while offering a wide range of command-line options for operational flexibility. Qilin, which emerged from the “Agenda” operation, conducts double-extortion attacks and … Read more
November 29, 2023 at 04:39AM The Reading Borough Council apologized after recommending users to disable browser HTTPS to access its planning portal, which had faced a month-long outage due to technical issues. The council has since repaired the portal and restored secure access, while the decision-making behind the poor security advice remains unexplained. **Meeting Takeaways: … Read more
November 27, 2023 at 03:12PM Last Friday, a ransomware attack hit the “Ethyrial: Echoes of Yore” MMORPG, resulting in the loss of 17,000 player accounts and their in-game progress. The developers have decided not to pay the attackers and will manually restore the affected systems. Impacted players will receive their lost items and progress, along … Read more
November 9, 2023 at 05:26PM The Industrial and Commercial Bank of China (ICBC) experienced a ransomware attack, disrupting US Treasury services and preventing trade settlements. ICBC has begun restoring its services, but there was no comment from ICBC or the US Securities and Financial Markets Association (SIFMA). It is unclear if any data has been … Read more
October 30, 2023 at 02:34PM Google has introduced a new feature called HTTPS-Upgrades to enhance Chrome internet security. It automatically upgrades insecure HTTP requests to secure HTTPS requests for all users. This protects users’ privacy and security by encrypting connections and preventing potential data theft. The update impacts various aspects of browsing and aims to … Read more
October 19, 2023 at 08:42AM Australian cybersecurity startup, CipherStash, has raised $3 million in a seed funding round led by Skip Capital. The company uses queryable encryption technology to protect data, offering tighter access controls and tracking capabilities. CipherStash’s solution integrates with various programming languages and databases. The funding will support the expansion of their … Read more