Tag Archive for: existing

Researchers claim method to break encryption using existing quantum computer

/in


A group of Chinese researchers has claimed to be able to break a widely used encryption scheme with a quantum computer that already exists, creating a possible boon for surveillance and a crisis for data protection.

The two dozen researchers from seven research institutions in China authored a paper describing a method using a 372-qubit computer to break RSA encryption instead of the theoretical quantum computer with tens of millions of qubits that was previously thought to be needed.

The implications are serious.

CONGRESS WANTS FEDERAL AGENCIES TO DEPLOY QUANTUM-SAFE ENCRYPTION

“Quantum computing has the capability to break the encryption on which most enterprises, digital infrastructures, and economies rely, rendering today’s encryption methods useless,” said Bryan Ware, CEO of LookingGlass Cyber Solutions. “That means that all secrets are at risk — nuclear weapons, banks, business IP, intelligence agencies, among other things, are at risk of losing their confidentiality and integrity.”

Quantum computing is still in its infancy, but cybersecurity experts have worried that quantum computers will eventually become powerful enough to break popular encryption schemes within minutes instead of the thousands of years needed by conventional modern computers. That possibility was supposed to be several years away, however.

Just in December, Congress enacted a law requiring the Office of Management and Budget to prioritize federal agencies’ acquisition of IT systems using post-quantum cryptography in an effort to deal with future advances in quantum computing.

But if the Chinese researchers are correct, the future is now. In November 2022, IBM announced it had built a working 433-qubit computer, larger than the quantum computer the researchers say is needed to break RSA encryption.

Still, the researchers’ claims have been met with skepticism in some cybersecurity circles.

The Chinese research is theoretical, and the underlying research it’s based on is “highly controversial,” Ware told the Washington Examiner. The paper may…

Source…

Network Excavation: Going Beyond What Your Existing Tools Can Tell You

/in


Network Excavation: Going Beyond What Your Existing Tools Can Tell You

By Joel Esler, VP of Threat Research

Netography Fusion’s unique ability to combine on-premises traffic flow via NetFlow and sFlow, as well as flow traffic from each of the major cloud providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP), Oracle Cloud, and others, provides the unparalleled ability to hunt through data quickly and efficiently. Need to observe and secure how your traffic is flowing between cloud providers? Done. How about traffic between your on-prem infrastructure and the cloud? Done. How about traffic between either one of them and the internet? Done. Simple hunting in data, as powered by our easy-to-use Netography Query Language (NQL) is a powerful tool in any security or network practitioner’s arsenal.

In this blog post I’m going to show you a couple of recent techniques that our Threat Research Team uses to identify malicious traffic on a network and use that information to develop new strategies and Netography Detection Modules (NDM) for customers, as well as alerting customers to issues found on their network so they can take immediate action.

The Netography Threat Research Team was formed with automation, proactive research, and machine learning in mind. We ask ourselves, “How can we develop new detections and proactively defend customers without having to dedicate hundreds of people and hours of resources to each individual threat?” \ I have worked on those teams in my former roles, and I have seen how that sausage is made. While I have seen the effectiveness of those teams, we wanted to reimagine and drive a more effective approach for an increasingly encrypted world.

Our recent addition of context labels enables both our team and customers the ability to visualize their traffic in ways they have never seen before. Let me provide a couple of recent examples where this has proven to be a powerful capability. 

Context Labels in Action

Following the rollout of our context label feature, a customer immediately enabled this functionality to pull information from their AWS infrastructure. Enabling this functionality allows the Netography Fusion portal to pull…

Source…

Guardicore strengthens existing ransomware protection capabilities

/in


Guardicore announced new features that reduce the complexity of segmentation policy creation and enforcement to more effectively secure complex enterprise environments against ransomware attacks.

Guardicore features

According to Forrester’s New Tech: Microsegmentation, Q3 20211 report, “Ransomware, once it gets into a network perimeter via phishing or other threat vector, spreads internally through SMB exploits…and RDP exploits…microsegmentation will slow down the propagation of future ransomware.”

Yet, as organizations increasingly adopt cloud, hybrid and OT/IoT technologies, consistent segmentation policy enforcement across operating environments is a primary area of concern. Guardicore’s latest features simplify policy creation and enforcement and strengthen ransomware protection across any environment.

“Repeated headlines of successful ransomware attacks highlight the need for granular segmentation controls that prevent lateral movement and stop attackers from compromising high-value targets,” said Pavel Gurvich, SVP, Akamai Enterprise Security (former CEO of Guardicore). “Our agent-based solution has proven highly effective in stopping ransomware, but agents cannot be deployed in every modern environment. Guardicore Centra’s latest features strengthen existing ransomware protection capabilities, extending coverage to anywhere a business’ ‘crown jewels’ are held.”

Unlike many segmentation vendors, which have limitations on the operating systems and environments they support, Guardicore provides coverage for all environments using a single tool with minimum performance and operational impact. The company creates silos between servers, operating systems, cloud instances, and applications to prevent, detect, and remediate ransomware and advanced attacks. Guardicore’s latest features and benefits include:

  • AI labeling and policy suggestion: Implementing effective segmentation begins with mapping assets and ends with enforcing policy. Neither are inherently simple tasks. Guardicore’s latest release tackles both of these challenges. AI labeling that leverages advanced machine learning techniques trivializes the asset mapping phase. Policy suggestions clear the…

Source…

Secure SSO for Cloud Applications using existing on premise Active Directory Identities

/in


single sign on userlock

The new release of UserLock 11 provides existing on-premise Active Directory (AD) Identities with secure Single Sign-On (SSO) access to both the corporate network and multiple cloud applications, from wherever they are working. In combination with Multi-Factor Authentication (MFA) it enables on-premise AD identities to securely access Microsoft 365 and other leading cloud applications.

  • For maximum security and ease, Userlock SSO maintains Windows Server Active Directory as the authoritative user directory and extends it to work with the cloud.
  • Given the increased vulnerability of corporate passwords for all organizations, UserLock’s granular Multifactor Authentication (MFA) provides the SSO protection you need without unnecessarily impeding employees.
  • New MFA enhancements have been added to help organizations scale MFA across all employees.

 

Today’s modern hybrid organization relies on Active Directory and the cloud to operate. With the demand for remote work at an unprecedented scale, IT teams need to streamline access to both the corporate network and cloud application from wherever employees are working.

This change in user access requirements creates new security risks that can often lead organizations to adopt either complex, costly or disruptive changes.” said François Amigorena, President & CEO of IS Decisions.

With UserLock, organizations can benefit from an easy-to-use, non-disruptive and affordable SSO solution that leverage’s their existing investment in Active Directory to effectively secure employees access to both the corporate network and multiple cloud applications.”

On-site Federated Authentication

Installed in minutes on a standard Windows server, UserLock SSO supports SAML 2.0 protocol to enable federated authentication of cloud applications. Each user needs to log in only once with their existing AD credentials (and a second factor if required), to seamlessly access all cloud resources.

  • Secure on site authentication is retained, even for remote access
  • Accounts, services, roles and group policies continue to be enforced
  • No need to create and manage a new directory for user ID’s
  • No change or provisioning needed for existing access to…

Source…