Monday, June 9th, 2008
The number of interested parties eager to listen in on your online conversations, including what you type through instant messaging, has never been higher.
It's trivial to monitor unencrypted wireless networks and snatch IM passwords as they flow through the ether. Broadband providers and their business partners are enthusiastically peeking into ...
Posted in Internet, Privacy, Security, Software | No Comments
Saturday, June 7th, 2008
The emergence of a variant on a virus that encrypts the victim's data with a strong 1,024-bit algorithm so the victim can't unscramble it without paying a ransom has begun to spread, potentially posing a major threat, according to the antimalware firm which discovered it.
Kaspersky Lab says the new variant ...
Posted in Internet, Privacy, Security, Software | No Comments
Monday, May 19th, 2008
We have been noticing quite a few binaries lately that target Brazilian banks. While most tend to have the same behavior, we found a particular piece that actually encrypted most of its strings to slow down analysis. In this blog we analyze the decryption routine and write a decryption algorithm, ...
Posted in Internet, Security | No Comments
Wednesday, April 16th, 2008
Ever run into the problem where you created a password protected zip/rar file and you forgot the password or accidentally deleted it? Or just dont know the password at all? Well I have come across a nice solution for cracking zip/rar files. Its called rarcrack, If you forget your password ...
Posted in Internet, Linux, Privacy, Software, Windows | No Comments
Monday, April 14th, 2008
A security researcher claims to have found a significant weakness in the wireless encryption of a DSL home gateway made by Thomson and distributed to broadband subscribers in the U.K. by network operator BT.
Exploiting the weakness could enable someone to connect to a victim's Wi-Fi router for malicious purposes such ...
Posted in Hardware, Internet, Security | No Comments
Friday, April 11th, 2008
Traditional IDS/IPS systems occur at the network level, usually plugged into a spanning port on a switch. I love this concept and think it should be part of any defense in depth strategy. The two primary weaknesses in these devices are, (1) they cannot process encrypted streams and (2) they ...
Posted in Coding, Internet, Security | No Comments
Thursday, March 20th, 2008
Voltage Security offers to make deploying encryption at the database level less painful with a technique called Format-Preserving Encryption.
Shocking the encryption market is not easy to do, but officials at Voltage Security must hope their new approach to encryption will do exactly that.
The company's flagship SecureData product uses a cryptographic ...
Posted in Coding, Privacy, Security, Software | No Comments
Tuesday, March 11th, 2008
TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the ...
Posted in Privacy, Security, Software | No Comments
Saturday, March 8th, 2008
The strength of the encryption used now to protect banking and e-commerce transactions on many Web sites may not be effective in as few as five years, a cryptography expert has warned after a new distributing key-cracking achievement.
Arjen Lenstra, a cryptology professor at the Ecole Polytechnique Fédérale de Lausanne (EPFL) ...
Posted in Security | No Comments
Saturday, March 8th, 2008
According to a report from security researcher Dan Kaminsky, the MD5 cryptographic algorithm may be at risk. This means that files, applications and programs supposedly authenticated and verified by MD5 could potentially be compromised.
In a research paper titled, "MD5 To Be Considered Harmful Some Day," Kaminsky expanded on the ...
Posted in Security | No Comments
