Tag Archive for: DEVELOP

Black Basta: Security Researchers Develop Decryptor for Black Basta Ransomware


Representative Image

In a recent breakthrough, security researchers have created a decryptor that exploits a vulnerability in the Black Basta ransomware, enabling victims to recover their files without paying the ransom. The decryptor, named ‘Black Basta Buster,’ was developed by Security Research Labs (SRLabs) and takes advantage of a flaw in the encryption algorithm used by the Black Basta ransomware gang.

According to a report by the BleepingComputer, the vulnerability in Black Basta’s encryption routine allowed victims from November 2022 to the present month to potentially recover their files for free. However, it has been reported that the developers of Black Basta recently addressed the bug in their encryption mechanism, preventing the use of this decryption technique in newer attacks.

Understanding the Black Basta Flaw

SRLabs discovered a weakness in the encryption algorithm employed by Black Basta, which enabled the creation of the ‘Black Basta Buster’ decryptor. The flaw is associated with how the ransomware handles the ChaCha keystream used in XOR encryption.

The decryption process relies on the knowledge of the plaintext of 64 encrypted bytes. The recoverability of a file depends on its size, with files below 5000 bytes deemed irrecoverable. For files ranging from 5000 bytes to 1GB, complete recovery is possible. Files larger than 1GB will lose the first 5000 bytes, but the remainder can be recovered.

Black Basta typically XORs the content of a file using a 64-byte keystream generated using the XChaCha20 algorithm. The flaw lies in the reuse of the same keystream during encryption, resulting in all 64-byte chunks of data containing only zeros being converted to the 64-byte symmetric key. This key can then be extracted and employed to decrypt the entire file.

The decryption process is effective for larger files, such as virtual machine disks, which usually contain numerous ‘zero-byte’ sections. Even if the ransomware damages the Master Boot Record (MBR) or GUID Partition Table (GPT) partition table, tools like “testdisk” can often recover or regenerate these structures.

It’s important to note that while decrypting smaller files may not be feasible, SRLabs suggests that for files lacking large…

Source…

CLE groups work together to develop cameras utilizing AI to slow illegal dumping


CLEVELAND — Illegal dumping is off to a fast start in the City of Cleveland in 2023, but so is the city in its effort to combat the chronic problem with the development of surveillance systems utilizing artificial intelligence.

The city has teamed up the Cleveland State University and Case Western Reserve University through the Internet of Things, or IOT Collaborative, to create a deployable smart camera system that will recognize illegal dumping as it’s taking place and report it to law enforcement.

The development project has been made possible through funding from the Cleveland Foundation.

Nick Barendt, CWRU executive director for the Institute for Smart, Secure, Connected Systems, told News 5 field testing on the systems will take place in the coming months.

“How do we harness technology, but make sure we’re doing it in a way that serves the public interest, said Barendt. “How do we improve the operational capabilities of these sorts of systems and reduce the false positives.”

Cleveland developing cameras utilizing artificial intelligence to slow illegal dumping

Mark Durdak

Nick Barendt, Case Western Reserve University Executive Director, Institute for Smart, Secure and Connected Systems (ISSACS)

Barendt said his team is gong to create a corridor on one of the campuses that can be used as a controlled test bed.

“Where we can drag boxes or furniture or whatever into the field of view and make sure we can detect those,” he said. “You’re detecting things coming into a cameras field of view, that the don’t leave the field of view within some reasonable amount of time. There’s going to have to be some privacy by design considerations, as well as signage and other things that we’re going to have to put up.”

CLE Developing AI cameras to slow illegal dumping

Mark Durdak

The project will utilize some City of Cleveland camera technology currently in use.

Brian Ray, Cleveland State University law professor and director of the Center for Cyber Security and Privacy Protection, told News 5 the team is working to create smart cameras that won’t create neighborhood privacy issues.

“We don’t want a ‘big brother’ society, but we do want to get rid of illegal dumping,” said Ray. “We want to make sure that enforcement is efficient, but also make sure…

Source…

The UK helps entrepreneurs develop innovative financial solutions in Mexico


In Mexico, important gaps in financial inclusion mean only 68% of adults use at least one financial product, even though internet access is at 75.6%. The UK’s Financial Services Programme sponsored the Sandbox Challenge (SC), which helped increase financial inclusion in Mexico. It did this by helping Fintech entrepreneurs develop their offerings of digital and innovative financial solutions. The second edition of the SC initiative attracted 200 participants from the United States, Taiwan, Peru, Colombia and Ecuador.

To help SC winners develop their business models, they obtained bespoke support covering legal advice, business-consulting mentoring, financial modelling, cyber security advisory, and programming services, among others.

MoneyWays, a Venezuelan firm, provides a digital alternative to the high costs associated with cross-border fund transfers, which disproportionately affect migrant workers sending money to their families back home. MoneyWays solution consists of a platform providing money transfers, remittances, prepaid cards services, and payments through a real-time wallet system. According to MoneyWays, the support they received allowed them to accelerate the development of their services and have a presence in the Mexican market, which, in turn, helped them reduce the financial burden on remittance beneficiaries.

Plataforma 9.9% devised an innovative solution to help women and informal workers access home ownership through a collective, circular form of financing. Plataforma 9.9% recognised that participating in the Financial Services Programme gave them an opportunity to build their methodology whilst at the same accessing professional advice that guided them in structuring their services to comply with official regulations.
Sagrario Gutiérrez, member of Plataforma 9.9%, shared:

We were provided with skills, tools, guidance, structure, transparency and certainty; it has been an outstanding experience to help build our solution.

Escrivan helps consumers regularise their real estate assets, which is critical given that over 50% of homeowners in Mexico currently have “irregular” property status. By resolving this issue, more consumers are able to…

Source…

RRU to develop wargame centre in Delhi to train soldiers for Indian Army


The Gandhinagar-based Rashtriya Raksha University (RRU) will develop a Wargame Research and Development Centre in New Delhi for the Indian Army to train its soldiers in virtual reality simulation war games designed specifically to meet the challenges of counter-terrorism and counter-insurgency operations by the armed forces in India.

According to Indian Army officials and the university management, a memorandum of understanding was signed between RRU, an institute specialising in national security and policing, and the Army Training Command of the Indian Army on Friday to develop the Wargame Research and Development Centre in New Delhi.

The laboratory will be prepared by Tech Mahindra, while the RRU intends that the wargame centre provides a “realistic” experience to the user.

The Indian Army will provide data to the university to develop model backgrounds for their soldiers to train virtually.

“The MoU will facilitate co-operation and collaboration in the niche field of simulation, computer wargaming, and allied technologies,” read a statement from the Army Training Command, Indian Army.

As per officials privy to the development, the project has been given a prototype name ‘WARDEC’ and it will be a first-of-its-kind simulation-based training centre in India where the army can train its soldiers in diverse combat situations through virtual reality wargames where artificial intelligence (AI) will be used to design the “gameplay” as per the present-day needs of the army.

The RRU has been established as an “institute of national importance” through an act passed in the Parliament in 2020 and it functions under the Ministry of Home Affairs (MHA).

“The RRU has enhanced capabilities in domains of Artificial Intelligence and Cyber Security, as also defence and strategic studies. Along with Maker’s Lab, which is the research and development division of technology leader Tech Mahindra, RRU will establish the wargame centre which will incorporate emerging technologies into war game development. This will allow realistic experience for the users,” said Colonel Nidhish Bhatnagar, Director, School of Information Technology, Artificial Intelligence and Cyber Security…

Source…