Security News

Unbound Security announced the launch of Unbound MPC Labs, a research initiative to advance the state of the art of multiparty computation research with commercial applications. Five years after the emergence of MPC into the practical realm of business, the initiative brings together MPC research, survey papers and videos from members to share and educate the community on the MPC research carried out by Unbound and its members.

UK Research and Innovation, the British government's science and research organisation, has temporarily turned off a couple of its web-facing services after an apparent ransomware attack. In a statement issued last week while everyone was gazing goggle-eyed at the European Union's vaccine export struggles, UKRI said data from its Brussels-based UK Research Office and an extranet service had been "Encrypted by a third party".

The UK Research and Innovation is dealing with a ransomware incident that encrypted data and impacted two of its services, one offering information to subscribers and the platform for peer review of various parts of the agency. UKRI is a public body of the Government of the United Kingdom, tasked with investing in science and research.

Google Project Zero researcher Natalie Silvanovich outlined what she believes is a common theme when it comes to serious vulnerabilities impacting leading chat platforms. The research, published Tuesday, identifies a common denominator within chat platforms, called "Calling state machine", which acts as a type of dial tone for messenger applications.

An international research team has developed a fast and affordable quantum random number generator. The device created by scientists from NUST MISIS, Russian Quantum Center, University of Oxford, Goldsmiths, University of London and Freie Universität Berlin produces randomness at a rate of 8.05 gigabits per second, which makes it the fastest random number generator of its kind.

Swimlane announced it has raised $40 million in funding led by EIP. This funding will accelerate partnerships and alliances, expand research and development, and enable further global expansion. For years, companies have focused on threat detection and prevention, with limited investment in innovation to help security staff keep up with their workload. Swimlane stands out in the market for enabling organizations to automate every aspect of their security operations.

Abu Dhabi and the UAE are working to pioneer breakthroughs in post-quantum cryptography and neuromorphic computing through an international partnership between Technology Innovation Institute's Cryptography Research Centre and Yale University, an Ivy League research university in Connecticut, United States. Speaking on the partnership, Dr Najwa Aaraj, Chief Researcher at Cryptography Research Centre, said: "We are excited to work with peers from Yale University in carrying out groundbreaking research in these two vital fields. At the Cryptography Research Centre, we are creating a knowledge-driven ecosystem powered by like-minded scientists and researchers - all focused on designing breakthrough solutions in different areas of cryptography."

The US Treasury Department's Financial Crimes Enforcement Network warned financial institutions of ransomware actively targeting vaccine research organizations. "FinCEN is aware of ransomware directly targeting vaccine research, and FinCEN asks financial institutions to stay alert to ransomware targeting vaccine delivery operations as well as the supply chains required to manufacture the vaccines," the US Treasury Department bureau warned [PDF].

North Korean nation-state hackers tracked as the Lazarus Group have recently compromised organizations involved in COVID-19 research and vaccine development. After slithering into their network, the North Korean state hackers deployed Bookcode and wAgent malware with backdoor capabilities.

Threat actors such as the notorious Lazarus group are continuing to tap into the ongoing COVID-19 vaccine research to steal sensitive information to speed up their countries' vaccine-development efforts. Cybersecurity firm Kaspersky detailed two incidents at a pharmaceutical company and a government ministry in September and October leveraging different tools and techniques but exhibiting similarities in the post-exploitation process, leading the researchers to connect the two attacks to the North Korean government-linked hackers.