All Articles (2242)

The end of encryption, also called the “Cryptopocalypse,” is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption. Since public key encryption is used to secure almost all data in transit, both between separate IT infrastructures and even within individual infrastructures, that data will become accessible by anyone with a sufficiently powerful quantum computer. Shor’s algorithm is a quantum computer algorithm for finding the prime factors o

As the volume of seaborne trade has continued to rise, congestion of trucks carrying freight in and around maritime ports has increased with it.  Long queues for these trucks are causing concerns for both port authorities and port operators.  These concerns include hardships imposed on truck drivers, disruption of traffic, environmental issues, and even degradation of a port’s brand.

What’s the answer?  Technology to keep the commodities moving.  What could go wrong?  Logistics provider, NEXT Tr

A pro-Russian hacking group is claiming responsibility for cyber-attacks on several hospitals in the United States.  The attack came just days after the Federal Bureau of Investigation (FBI) said it took down a ransomware group that was also targeting hospitals in what was called “The Hive” attack.

The US Attorney General says they’ve seen how cyber-attacks on medical facilities can be very disruptive.  “The Hive ransomware attack was able to prevent the hospital from accepting new patients,” th

Last week we presented a topic on our RedShort explaining the growing human engineering techniques, especially the use of cell phone calls.  The New Jersey NJCCIC recently detected an uptick in TOAD phishing campaigns. TOAD, or telephone-oriented attack delivery, is a type of social engineering attack that lures potential victims to contact fraudulent call centers managed by threat actors in attempts to steal credentials or install malware onto their systems.

The messages used in the observed TO

The following article is based on the opinions of cyber threats and financial professionals and is not intended to place blame on any parties.  It is an important topic that has been brought to the attention of the US Government, even before the fall of the FTX Exchange.

See:  https://redskyalliance.org/xindustry/sec-chairman-pushes-for-more-cryptocurrency-regulations

The seemingly limitless innovations from information technology have created enormous opportunities for all kinds of predatory be

In a recent report, Microsoft warns that phishing, fake software updates and unpatched vulnerabilities are being exploited for ransomware attacks.  More than one hundred different cyber-criminal gangs are actively conducting ransomware attacks, deploying over 50 different ransomware families in campaigns which see them encrypt networks and demand a ransom payment for the decryption key.  The analysis from Microsoft Security Intelligence notes that some of the most prominent ransomware attacks of

Do you know where your secrets are?  Hopefully they remain with YOU.  If you tell just one other person your secret, then it is not a secret anymore.  Next question, where are your cyber secrets?   Don’t know?  Well, hundreds of CISOs, CSOs, and security leaders, whether from small or large companies, do not know where their cyber secrets are either.  It does not matter the organization's size, the certifications, tools, people, and processes: secrets are not visible in 99% of cases.

Keeping sec

Any organization that handles sensitive data must be diligent in its security efforts, which include regular pen testing. Even a small data breach can result in significant damage to an organization's reputation and bottom line.

There are two main reasons why regular pen testing is necessary for secure web application development – Security: Web applications are constantly evolving, and new vulnerabilities are being discovered all the time. Pen testing helps identify vulnerabilities that could b

GitHub states that hackers gained access to its code repositories and stole code-signing certificates for two of its desktop apps: Desktop and Atom.  Although attackers exfiltrated a set of encrypted code-signing certificates, these were password-protected, so there is no possibility of malicious use.

GitHub revealed that on 7 December 2022, hackers gained unauthorized access to several of its code repositories and stole code-signing certificates for two of its desktop apps: Atom and Desktop.

The long arm of the law has grabbed the Hive ransomware operation, and it appears to have been shut down as part of a major law enforcement operation involving agencies in 10 countries.  A message in English and Russian on the Hive ransomware operation’s Tor-based website reads: “The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against Hive Ransomware.”  Another message says the action was taken in coordination with Europol and authoritie

The US Securities and Exchange Commission (SEC) in 2023 requires corporate boards to improve their cybersecurity act and increase transparency by disclosing cybersecurity incidents with full details to the SEC and investors within four (4) business days.

In addition to reporting there was an incident, publicly traded corporations must identify who on their board or which subcommittee is responsible for cybersecurity and their relevant expertise.  Adding to the growing importance of the CISO role

First coined by Lebanese-American thought leader Nassim Nicholas Taleb, the term “black swan” refers to unexpected global events that have a profound effect on society. Some are beneficial, like the invention of the printing press; and others are destructive, such as the subprime crisis in 2008.  But they have all altered the course of history.

In recent years, we have borne witness to a surge of black swan events, and they continue to emerge in real time.  They have affected every facet of our l

As space becomes the latest frontier for human dominance, satellites are becoming ever-important for life on Earth to function.  There are currently 10,352 satellites orbiting the Earth of which 2317 were launched last year, according to the United Nations Office for Outer Space Affairs.  But just like any other piece of complex technology, satellites can be hacked.

Last year, just before the Russian invasion of Ukraine, alleged Russian government hackers disabled communications in Ukraine by la

Zendesk, a customer service solutions provider, has suffered a data breach that resulted from employee account credentials getting phished by hackers.  Cryptocurrency trading and portfolio management company Coinigy revealed last week that it had been informed by Zendesk about the cybersecurity incident.

According to the email received by Coinigy, Zendesk learned on 25 October 2022, that several employees were targeted in a “sophisticated SMS phishing campaign.”  Some employees took the bait an

A "large and resilient infrastructure" comprising over 250 domains has been used to distribute information-stealing malware such as Raccoon and Vidar since early 2020.  The infection chain uses about a hundred fake cracked software catalogue websites that redirect to several links before downloading the payload hosted on file share platforms, such as GitHub, cybersecurity researchers reported.

See:  https://redskyalliance.org/xindustry/raccoon-stealer-returns

The investigators assessed the do

Blockchain security firm SlowMist has highlighted five common phishing techniques crypto scammers used on victims in 2022, including malicious browser bookmarks, phony sales orders and Trojan malware spread on the messaging app Discord.  The security firm recorded a total of 303 blockchain security incidents over the year, with 31.6% of these incidents caused by phishing, rug pull or other scams, according to SlowMist’s 09 January 2022 report.

The entire report can be viewed at:  https://slowmis

Let’s say you are a bridge officer on a 12,000 TEU container vessel in the Kill Van Kull Channel (upper NYC bay area), heading west towards the Bayonne Bridge with a pilot on board.  It is a cloudless sunny day. As you pass Constable Hook Reach, you feel the ship veer hard to port and your speed appears to increase.  Although the bridge instruments show your expected speed, location, and rudder position, the rudder is, in fact, hard over to port and your speed has increased to 12 knots.  The pil

The ChatGPT AI chatbot has created plenty of excitement in the short time it has been available, and now it seems it has been used by cyber threat actors to help them develop malicious code. ChatGPT is an AI-driven natural language processing tool which interacts with users in a human-like, conversational way. It has other uses as well, such as helping with writing assignments like composing emails, essays and Python code. ChatGPT did not write this article.

The chatbot tool was release

The countries of Russia and Iran are discussing the possibility of the two parties expanding their cooperation to include the cryptocurrency sector as Moscow and Tehran mull developing a joint gold-backed stablecoin. Reports about this cooperation came out after the Executive Director of the Russian Association of the Crypto Industry and Blockchain, Alexander Brazhnikov, told Russian media that the Iranian Central Bank was considering the joint creation of a cryptocurrency with Russia as a form

According to a recent US report, nearly 60% of the cyber security recommendations made by the US Government Accountability Office (GAO) since 2010 have yet to be implemented by federal agencies.  The Office unveiled the figures in a release on 16 January 2023, adding that out of 335 public recommendations, 190 still needed to be implemented.  "Until these are fully implemented, federal agencies will be more limited in their ability to protect private and sensitive data entrusted to them," GAO re