Security News
A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. The .NET version of Bouncy Castle alone has been downloaded over 16,000,000 times, which speaks to the seriousness of any vulnerability in a library relied on by developers of mission-critical applications.
Palo Alto Networks security researchers have discovered a Linux-based cryptocurrency-mining botnet that is being delivered via PostgreSQL. Dubbed PGMiner, the botnet exploits a remote code execution vulnerability in PostgreSQL to compromise database servers and then abuses them to mine the Monero cryptocurrency. An open source relational database management system widely used in production environments, PostgreSQL has a "Copy from program" feature that was labeled as a vulnerability, something that the PostgreSQL security team quickly disputed.
Environmental group WWF operates a tragically necessary maritime cleanup operation to find and remove so-called "Ghost nets" from the sea. A ghost net is any rogue fishing device that has got loose and carries on snagging sea creatures, including fish, sea mammals such as whales and dolphins, and even birds, in an uncontrollable way.
A nation-state actor known for its cyber espionage campaigns since 2012 is now using coin miner techniques to stay under the radar and establish persistence on victim systems, according to new research. Attributing the shift to a threat actor tracked as Bismuth, Microsoft's Microsoft 365 Defender Threat Intelligence Team said the group deployed Monero coin miners in attacks that targeted both the private sector and government institutions in France and Vietnam between July and August earlier this year.
Using social engineering tricks, the hackers were able to change the DNS settings of their victims' domain names, redirecting connections and mail to their own servers. GoDaddy, the world's biggest domain-name registrar, confirmed "a small number of customer domains and/or account information" were altered after "a limited number of GoDaddy employees" were duped.
Entrust announced its Cryptographic Center of Excellence solutions, providing the tools and resources enterprises need to take command of their crypto instances and PKI systems through best practices that bring together the visibility, expertise and compliance required for a strong crypto strategy. "Organizations need to look at 'encrypt everything' strategies to protect their enterprises in a zero trust world. Crypto is critical infrastructure that requires expertise, dedicated resources and a set of standards to keep it under control and in compliance."
Matthew Green, associate professor of computer science at Johns Hopkins University in the US, wants Google and other email providers to make it possible for people to deny they've written old email messages. He has asked the Gmail goliath, as the largest commercial email service, to rotate its DomainKeys Identified Mail encryption keys periodically and to publish old keys to reduce the incentive for hackers to steal and leak email messages.
Swiss politicians only found out last year that cipher machine company Crypto AG was owned by the US and Germany during the Cold War, a striking report from its parliament has revealed. Although Swiss spies themselves knew that Crypto AG's products were being intentionally weakened so the West could read messages passing over them, they didn't tell governmental overseers until last year - barely one year after the operation ended.
Researchers have disclosed the details of a new side-channel attack method that can be used to obtain sensitive information from a system by observing variations in the processor's power consumption. The PLATYPUS attack relies on having access to Intel's Running Average Power Limit, a feature introduced by the company with the Sandy Bridge microarchitecture and which is designed for monitoring and controlling the CPU and DRAM power consumption.