Tag Archive for: Key.

What Is Hashing? How Does Hash Key Work And Salting Helps It?


Safeguarding your data and personal information has never been more important than it is today, and hashing is a widely used method that acts as a guardian for our passwords and other sensitive information.

Hashing is a crucial element in modern cybersecurity, quietly safeguarding sensitive data and ensuring the integrity of digital information. At its core, hashing is a process that takes an input, referred to as a ‘key,’ and transforms it into a fixed-length string of characters known as a “hash.” What makes hashing indispensable is its ability to provide a unique digital signature for data, allowing any alterations to be quickly detected.

The fundamental concept behind hashing revolves around the use of a mathematical algorithm called a hash function. This algorithm is designed to meet specific criteria: it must produce a consistent output length, be deterministic, efficient, exhibit the avalanche effect, and possess preimage resistance. These criteria ensure the reliability and security of the hash.

Let us go through why hashing is so important in today’s cybersecurity and how it is implemented in various fields.

Image: What is hashing and salting. Hashing is a vital method for safeguarding personal data and passwords in today’s cybersecurity (Image credit)

What is hashing?

Hashing is a process that takes an input, often referred to as a ‘key,’ and transforms it into a fixed-length string of characters, known as a “hash”. This hash is typically much shorter than the original input. The core components of hashing include:

  1. Hash function: At the heart of hashing is the hash function, which is an algorithm responsible for performing the transformation. A good hash function should meet specific criteria:
    • It should take an input of any size and produce a fixed-length output (e.g., 256 bits).
    • It should be deterministic, meaning the same input will always yield the same hash.
    • It should be quick to compute.
  2. Uniqueness: Ideally, different inputs should produce unique hashes. While it’s theoretically possible for two different inputs to yield the same hash (a collision), modern hash functions are designed to minimize this occurrence.
  3. Irreversibility: Hashing is a one-way process, meaning you cannot reverse a…

Source…
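The properties listed in the excerpt above (fixed-length output, determinism, the avalanche effect) and the salting the title refers to, as an added Python example that is not part of the original post. PBKDF2-HMAC-SHA256 from hashlib stands in for whatever password-hashing scheme a real system would use, and the iteration count is an assumption.

```python
import hashlib
import hmac
import os
from typing import Optional


def sha256_hex(data: bytes) -> str:
    """Hash input of any length to a fixed 256-bit digest (64 hex characters)."""
    return hashlib.sha256(data).hexdigest()


def bit_difference(hex_a: str, hex_b: str) -> int:
    """Count the bits that differ between two digests; a one-character change in the
    input should flip roughly half of the 256 bits (the avalanche effect)."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def hash_password(password: str, salt: Optional[bytes] = None, iterations: int = 600_000) -> str:
    """Return 'iterations$salt_hex$digest_hex'. A fresh random salt per password means two
    users with the same password store different hashes, and a precomputed table of
    hashes for common passwords is useless against the stored values. PBKDF2-HMAC-SHA256
    and the iteration count are assumptions for this demo, not the article's choice."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count, then compare in constant time."""
    iterations, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex(), digest_hex)
```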

Microsoft reveals how hackers stole its email signing key… kind of


A series of unfortunate and cascading mistakes allowed a China-backed hacking group to steal one of the keys to Microsoft’s email kingdom that granted near unfettered access to U.S. government inboxes. Microsoft explained in a long-awaited blog post this week how the hackers pulled off the heist. But while one mystery was solved, several important details remain unknown.

To recap, Microsoft disclosed in July that hackers it calls Storm-0558, which it believes are backed by China, “acquired” an email signing key that Microsoft uses to secure consumer email accounts like Outlook.com. The hackers used that digital skeleton key to break into both the personal and enterprise email accounts of government officials hosted by Microsoft. The hack is seen as a targeted espionage campaign aimed at snooping on the unclassified emails of U.S. government officials and diplomats, reportedly including U.S. Commerce Secretary Gina Raimondo and U.S. Ambassador to China Nicholas Burns.

How the hackers obtained that consumer email signing key was a mystery — even to Microsoft — until this week when the technology giant belatedly laid out the five separate issues that led to the eventual leak of the key.

Microsoft said in its blog post that in April 2021, a system used as part of the consumer key signing process crashed. The crash produced a snapshot image of the system for later analysis. This consumer key signing system is kept in a “highly isolated and restricted” environment where internet access is blocked to defend against a range of cyberattacks. Unbeknownst to Microsoft, when the system crashed, the snapshot image inadvertently included a copy of the consumer signing key 1️⃣ but Microsoft’s systems failed to detect the key in the snapshot 2️⃣.

The snapshot image was “subsequently moved from the isolated production network into our debugging environment on the internet connected corporate network” to understand why the system crashed. Microsoft said this was consistent with its standard debugging process, but that the company’s credential scanning methods also did not detect the key’s presence in the snapshot image 3️⃣.

Then, at some point after the snapshot image was moved to…

Source…

Microsoft Details How Chinese Hackers Acquired Signing Key for Outlook Breach


Microsoft says it’s uncovered the mystery of how suspected Chinese hackers acquired a digital signing key to pull off July’s Outlook breach that ensnared several US government agencies.

According to Microsoft, the key was accidentally leaked when the company computer holding it crashed in April 2021. During the error, the machine generated a crash dump report, which failed to redact the key from the file due to a software bug. 

Microsoft added that company computers that hold such signing keys are “highly isolated,” and have been stripped of various internet services, such as email and video conferencing. However, the crash dump report ended up opening a hole in the security. The unredacted file was automatically passed to a Microsoft computer devoted to debugging, which also happened to be connected to the internet. 

This paved the way for the Chinese hackers to loot the digital key when they compromised a Microsoft engineer’s corporate account, although it remains unclear how this occurred.

“This account had access to the debugging environment containing the crash dump which incorrectly contained the key,” the company said in Wednesday’s report. “Due to log retention policies, we don’t have logs with specific evidence of this exfiltration by this actor, but this was the most probable mechanism by which the actor acquired the key.”

Stealing the key then allowed the suspected Chinese hackers to forge the authentication tokens to access customer emails on Microsoft’s Outlook service. That said, the signing key was originally designed for consumer Microsoft accounts—not the enterprise Outlook accounts that the hackers targeted. 

The problem is that Microsoft neglected to update a software library to automatically validate key signing signatures between consumer and enterprise accounts. “Developers in the mail system incorrectly assumed libraries performed complete validation and did not add the required issuer/scope validation,” Microsoft said. “Thus, the mail system would accept a request for enterprise email using a security token signed with the consumer key.” 

Microsoft issued the report as the company has come under criticism for failing to…

Source…

Hackers Force Shutdown of Two Key Astronomical Observatories


The International Gemini Observatory, a key player in global astronomical research, has temporarily halted astronomical operations following a cyberattack. The culprits and their motives remain unknown.

The computer hack, which took place on the morning of August 1, led to the suspension of the Gemini North and South Telescopes, as detailed in an August 24 statement from the National Optical-Infrared Astronomy Research Laboratory (NOIRLab). While the North telescope is situated in Hawaii, its southern counterpart is located on Cerro Pachón, Chile, with a few other smaller telescopes located in Cerro Tololo, also in Chile. Observatories stationed on Arizona’s Kitt Peak, however, remain unaffected by the intrusion, according to NOIRLab.

As a precaution, the Gemini.edu website has been taken offline. NOIRLab remains optimistic about its reactivation, saying: “We are encouraged by the progress made thus far.” Specific details concerning the cyberattack have yet to be released, with NOIRLab citing security concerns. NOIRLab says the deactivation of the Gemini.edu site was purely precautionary, even though the main NOIRLab website remains active.

“Like the entire astronomy community, we are disappointed that some of our telescopes are not currently observing. Fortunately, we have been able to keep some telescopes online and collect data with in-person workarounds,” NOIRLab stated in its release. “We are grateful for the support of the astronomy community during this difficult time and we thank everyone for their patience as our teams continue to work towards restoring normal operations.”

Gemini North on Maunakea in Hawai‘i.
Photo: NOIRLab

Backed by the National Science Foundation (NSF), NOIRLab plays a pivotal role in optical and infrared ground-based astronomical observations. While the Gemini Observatory’s telescopes aren’t the largest based on mirror size, they stand out due to their versatility, innovative instruments, and geographically strategic placement in both the Northern and Southern Hemispheres. This gives researchers access to an expansive range of astronomical objects and…

Source…