Proof-of-concept exploits published for the Microsoft-NSA crypto bug

January 16, 2020 – 5:06 AM

Security researchers earlier today published proof-of-concept (PoC) code for exploiting a recently patched vulnerability in the Windows operating system, a vulnerability that was reported to Microsoft by the US National Security Agency (NSA).

The bug, which some have started calling CurveBall, impacts CryptoAPI (Crypt32.dll), the component that handles cryptographic operations in the Windows OS.

According to a high-level technical analysis of the bug from cyber-security researcher Tal Be’ery, “the root cause of this vulnerability is a flawed implementation of the Elliptic Curve Cryptography (ECC) within Microsoft’s code.”

According to the NSA, the DHS, and Microsoft, when exploited, this bug (tracked as CVE-2020-0601) can allow an attacker to:

  • launch MitM (man-in-the-middle) attacks and intercept and fake HTTPS connections
  • fake signatures for files and emails
  • fake signed-executable code launched inside Windows


The Quantum Computing Threat to American Security

November 11, 2019 – 7:30 AM

Google announced last month that it had achieved “quantum supremacy,” demonstrating the potential of a new kind of computer that can perform certain tasks many orders of magnitude faster than the most advanced supercomputers. It’s a crucial moment for America’s national security, which depends on winning the race to do what quantum computers will do best: decrypt the vast majority of existing public-key encryption systems.

Google reports that its quantum computer, dubbed Sycamore, solved a mathematical calculation in 200 seconds that would take a supercomputer 10,000 years. IBM, a quantum competitor, asserted that Google’s claim of supremacy is overblown, and that the world’s most powerful classical computer, the Summit OLCF-4 at Oak Ridge National Laboratory, could have done the same calculation in 2.5 days—roughly a thousandfold difference rather than 1.5 trillionfold. Still, quantum computers are no longer science fiction.

To process information, digital computers use bits, essentially switches that can be either off or on, corresponding with the binary digits, 0 and 1. Quantum computers employ “qubits,” which use the probabilistic nature of quantum physics to represent any combination of 0 and 1 simultaneously, enabling them to encode more complicated data.

Their computing power grows exponentially as the number of qubits expands. Sycamore’s 54-qubit chip allowed it to outcompute the best supercomputer. A 2,000- to 4,000-qubit quantum computer would render most public-key encryption architectures—used for applications from banking and credit cards to the power grid—obsolete. These architectures rely on numbers too big for conventional computers to factorize, but which a quantum computer could factorize.

Building quantum computers is a very heavy lift. They require hugely expensive infrastructure to stabilize the qubits at temperatures near absolute zero. They also generate high error rates, or “quantum noise,” for which researchers have to compensate. Developers are probably years away from the large-scale code-breaking quantum computer everyone worries about—although once scientists and engineers start using quantum computers to build the next generation of quantum computers (since modeling complex systems like themselves is one of their strengths) the timeline could quickly shorten.


Microsoft is Relaunching Power Toys For Windows 10 Users

May 12, 2019 – 7:32 AM

Microsoft announced this week that they will be bringing back the Windows Power Toys so that a new generation of users can enjoy them. To start they will be offering two new Power Toys, but have a list of others that they hope to add.

For those who are unfamiliar with Windows Power Toys, they were small freeware utilities that Windows developers created as side projects related to something they were interested in. They were not supported by Microsoft and were use-at-your-own-risk tools.

For Windows users, especially power users, they let you play with Windows internals by tweaking undocumented features, try out fun tools, or gain functionality that made it easier to get things done.

Some of the more popular Power Toys were Tweak UI, which allowed you to enable undocumented features in the Windows Shell and user interface; a virtual desktop manager; and “Open Command Window Here”, which allowed you to open a command prompt within whatever folder you right-clicked on.

While some of these features are now built into Windows, in the past they were not, and users enjoyed them because many provided an insight into Windows internals that mostly only Microsoft developers knew about.


Cylance expands its AI-powered antivirus software to the consumer market

August 12, 2018 – 8:58 AM

The global cybersecurity market is estimated to be a $232 billion industry by 2022, up from around $138 billion last year. As such, it is brimming with well-funded startups, a number of which have elected to go public in recent months, such as Zscaler and Carbon Black. Others have been snapped up by bigger companies, including AlienVault, which was acquired by AT&T this week, and Phantom, which was recently bought out by Splunk.

Cylance is another startup that has been making big strides in the cybersecurity realm. The company recently closed a $120 million funding round, taking its total raised to around $300 million since its inception eight years ago. This also positions it well to grow its enterprise client base ahead of a rumored IPO in the not-too-distant future.

But before all that, Cylance has other plans to bolster its growth. Today, the company announced that it’s broadening its horizons to include the lucrative consumer cybersecurity market.


CCleaner Adds Data Collection Feature With No Way to Opt-Out

August 2, 2018 – 3:59 PM

Like many others, do you also believe that the popular system-cleaning tool CCleaner was performing well before Avast acquired the software from Piriform last year?

If yes, then the pop-up advertisements in the previous CCleaner software version were not the last thing you have to deal with.

Avast has released a new version of CCleaner, 5.45, that not only always runs in the background, but also collects information about your system without giving you a way to turn the feature off.

CCleaner is a popular application with over 2 billion downloads, available in both free and premium versions, that allows users to clean up their Windows, Mac, and mobile devices to optimize and enhance performance.

Last year, CCleaner made headlines when it suffered one of the most massive supply-chain malware attacks of all time, wherein hackers compromised its servers for over a month and replaced the original version of the software with a malicious one, infecting over 2.3 million users worldwide.