Security News

Loads of PostgreSQL systems are sitting on the internet without SSL encryption
2022-10-07 10:48

Only a third of PostgreSQL databases connected to the internet use SSL for encrypted messaging, according to a cloud database provider. Bit.io, which offers a drag-and-drop database as a service based on PostgreSQL, searched shodan.io to create a sample of 820,000 PostgreSQL servers connected to the internet over September 1-29.

Matrix: Install security update to fix end-to-end encryption flaws
2022-09-29 18:32

The Matrix decentralized communication platform has published a security warning about two critical-severity vulnerabilities that affect the end-to-end encryption in the software development kit. A threat actor exploiting these flaws could break the confidentiality of Matrix communications and run man-in-the-middle attacks that expose message contents in a readable form.

Matrix chat encryption sunk by five now-patched holes
2022-09-28 21:22

Four security researchers have identified five cryptographic vulnerabilities in code libraries that can be exploited to undermine Matrix encrypted chat clients. "Our perspective is that these attacks together show a rich attack surface in Matrix from both a protocol and implementation perspective," Benjamin Dowling, a lecturer in cybersecurity, told The Register this week.

Meta, Twitter, Apple, Google urged to up encryption game in post-Roe America
2022-09-20 19:19

"After the reversal of Roe v. Wade and with more rights cutbacks on the way, tech companies are throwing their users to the wolves by allowing company employees, cops, and other third parties to access unprotected messages."

TeamTNT hijacking servers to run Bitcoin encryption solvers
2022-09-18 14:07

The recent attacks bear various signatures linked to TeamTNT and rely on tools previously deployed by the gang, indicating that the threat actor is likely making a comeback. The researchers observed three attack types being used in the allegedly new TeamTNT attacks, with the most interesting one being to use the computational power of hijacked servers to run Bitcoin encryption solvers.

Ransomware makes use of intermittent encryption to bypass detection algorithms
2022-09-12 22:36

A study of BlackCat ransomware using different file sizes revealed that intermittent encryption brings significant speed benefits to threat actors. LockFile ransomware was the first malware family to use intermittent encryption, in mid-2021, and several different ransomware families are now using it.

Ransomware gangs switching to new intermittent encryption tactic
2022-09-10 14:07

These groups actively promote the presence of intermittent encryption features in their ransomware family to entice affiliates to join the RaaS operation. Agenda ransomware offers intermittent encryption as an optional and configurable setting.

Hyundai Uses Example Keys for Encryption System
2022-08-22 11:38

A developer says it was possible to run their own software on the car infotainment hardware after discovering the vehicle's manufacturer had secured its system using keys that were not only publicly known but had been lifted from programming examples. "Turns out the [AES] encryption key in that script is the first AES 128-bit CBC example key listed in the NIST document SP800-38A."

OpenFHE: Open-Source Fully Homomorphic Encryption
2022-08-19 03:30

Fully Homomorphic Encryption (FHE) is a cryptographic primitive that enables performing computations over encrypted data without having access to the secret key. In this Help Net Security video,...

Facebook Testing Default End-to-End Encryption and Encrypted Backups in Messenger
2022-08-13 05:23

Social media company Meta said it will begin testing end-to-end encryption on its Messenger platform this week for select users as the default option, as the company continues to slowly add security layers to its various chat services. "If you're in the test group, some of your most frequent chats may be automatically end-to-end encrypted, which means you won't have to opt in to the feature," Sara Su, product management director of Messenger Trust, said.