Tag Archive for: break

Biden administration warns quantum computing is poised to break cryptographic security

/in


The Biden administration is warning that advances in quantum computing will soon shatter cryptographic security, making more digital communications vulnerable to hackers worldwide.

Supercomputers’ improving ability to solve complex mathematical problems will undo the effectiveness of the tools and processes used to stymie hackers, according to the administration.  

The government’s solution to the looming vulnerability is to develop new rules, make plans for lengthy and costly updates, and to lean on the private sector and academia for help.

“Current research shows that at some point in the not-too-distant future, when quantum information science matures and quantum computers are able to reach a sufficient size and level of sophistication, they will be capable of breaking much of the cryptography that currently secures our digital communications,” a senior Biden administration official told reporters. “The good news is that this is not an insurmountable problem.”

President Biden is issuing a…

Source…

What is ethical hacking? Getting paid to break into computers

/in


Ethical hacking, also known as penetration testing, is legally breaking into computers and devices to test an organization’s defenses. It’s among the most exciting IT jobs any person can be involved in. You are literally getting paid to keep up with the latest technology and get to break into computers without the threat of being arrested. 

Companies engage ethical hackers to identify vulnerabilities in their systems. From the penetration tester’s point of view, there is no downside: If you hack in past the current defenses, you’ve given the client a chance to close the hole before an attacker discovers it. If you don’t find anything, your client is even happier because they now get to declare their systems “secure enough that even paid hackers couldn’t break into it.” Win-win!

I’ve been in computer security for over 30 years, and no job has been more challenging and fun than professional penetration testing. You not only get to do something fun, but pen testers often are seen with an aura of extra coolness that comes from everyone knowing they could break into almost any computer at will. Although now long turned legit, the world’s former most notorious uber hacker, Kevin Mitnick, told me that he gets the exact same emotional thrill out of being paid to legally break into places as he did for all those years of illegal hacking. Mitnick said, the only difference “is the report writing.”

How to become an ethical hacker

Any hacker must take some common steps to become an ethical hacker, the bare minimum of which is to make sure you have documented permission from the right people before breaking into something. Not breaking the law is paramount to being an ethical hacker. All professional penetration testers should follow a code of ethics to guide everything they do. The EC-Council, creators of the Certificated Ethical Hacker (CEH) exam, have one of the best public code of ethics available.

Most ethical hackers become professional penetration testers one of two ways. Either they learn hacking skills on their own or they take formal education classes. Many, like me, did both. Although sometimes mocked by self-learners, ethical…

Source…

Hackers are using a 9-year-old flaw to break into PCs

/in


Criminals and hackers will always exploit vulnerabilities, but software companies try to stay ahead of them. Tap or click here to see how malware can expose your browser passwords.

A big problem is that malware is constantly being adapted to circumvent any security efforts. Companies like Microsoft and Google can only patch what they know about, and sometimes hackers circle around to exploit old vulnerabilities.

Keep reading to find out how malware is now attacking a flaw in Windows that Microsoft patched years ago.

Here’s the backstory

Malware can be designed to accomplish many things, with the most lucrative goal being able to steal your banking details. A popular malware tool called Zloader has been used in various cyberattacks for years.

Focused on banking, the malicious code is used to steal credentials and personal information through compromised documents, email attachments, and even Google ads. The attacks can also be converted into ransomware, where the victim needs to pay to have their files unlocked.  

Several patches and vulnerability fixes have been released against ZLoader in the past. But a new version of the malware is attacking a flaw that Microsoft patched in 2013.

Check Point Research detailed how the updated campaign uses a patched flaw in Microsoft’s digital signature verification system to bypass detection. To gain access to a system, hackers must trick a user into installing a real remote IT management tool called Atera.

But the dynamic-link library file (or .dll) of the tool has been compromised with ZLoader. Any computer will automatically check the file’s digital signature, but because of the vulnerability, the malware won’t be flagged. The file will get a clean bill of health from Windows Defender as it has Microsoft’s genuine signature attached.

What you can do about it

Check Point Research notes that 2,170 unique IP addresses have downloaded the compromised Atera file. The majority (864) is located in the U.S., while Canada has around 300 infections, and India has 140.

You would need…

Source…

Noida: Armed thieves break into mobile showroom, flee with 600 new handsets, cash worth Rs 2.5 crore | Noida News

/in


GREATER NOIDA: Even as cops were busy in security arrangements on the occasion of Diwali, at least three i20-borne armed thieves barged into a mobile showroom in Greater Noida and stole around 600 new phones of different companies kept on the racks and drawers of the showroom along with about Rs 6 lakh cash from inside the cash counter.
The incident happened around 1.30am on Friday when the thieves seated in the i20 arrived at Noor Communication showroom in Saifi market in Greater Noida’s Surajpur area and allegedly cut the six locks and a channel attached to join the shutter.
Possible professionals, the accused allegedly uprooted the DVR of the CCTV set up before escaping from the spot.
At least some of the accused who got down from the i20 and orchestrated the theft have been caught on CCTV cameras installed at some other buildings around the showroom.
In one of the CCTV footages, at least three accused can be seen arriving inside the lane a few meters away from the showroom a few minutes after a police patrolling vehicle leaves the spot.
The accused can be seen speeding over a pothole making the showroom owners suspect that they might be well known to the area.
“They simply arrived there a minute after the police patrol van left. They stopped at some distance and two persons have been caught on camera doing all the movement. One of them was talking on the phone while another could be seen moving around with a bag,” Imran’s younger brother Irfan told TOI.
Irfan said that while the presence of three suspects was clear, they suspect that there could be more than four persons involved in the theft.
“They have taken away around 600 mobiles of Samsung, Redmi, One Plus, Vivo, Techno, Oppo, Redmi, RealMe, Intel, etc. They have even taken out stuff from inside the drawers. It does not seem possible to escape with so much in one vehicle,” he said.
Imran said that the accused opened the cash counter and took out Rs 6 lakh cash which was kept inside the same.
“In all, I have suffered a loss of about Rs 2.5 crore,” he said.
There are as many as eight cameras installed inside and outside the showroom but the accused simply fled with the DVR.
Cops suspect insiders’…

Source…