CySecurity News - Latest Information Security and Hacking Incidents: Encryption

Cyber Security Data Privacy Digital Security Encryption End-to-End Encryption Government surveillance

Encryption Under Siege: A New Wave of Attacks Intensifies

Over the past decade, encrypted communication has become a standard for billions worldwide. Platforms like Signal, iMessage, and WhatsApp use default end-to-end encryption, ensuring user privacy. Despite widespread adoption, governments continue pushing for greater access, threatening encryption’s integrity.

Recently, authorities in the UK, France, and Sweden have introduced policies that could weaken encryption, adding to EU and Indian regulatory measures that challenge privacy. Meanwhile, US intelligence agencies, previously critical of encryption, now advocate for its use after major cybersecurity breaches. The shift follows an incident where the China-backed hacking group Salt Typhoon infiltrated US telecom networks. Simultaneously, the second Trump administration is expanding surveillance of undocumented migrants and reassessing intelligence-sharing agreements.

“The trend is bleak,” says Carmela Troncoso, privacy and cryptography researcher at the Max-Planck Institute for Security and Privacy. “New policies are emerging that undermine encryption.”

Law enforcement argues encryption obstructs criminal investigations, leading governments to demand backdoor access to encrypted platforms. Experts warn such access could be exploited by malicious actors, jeopardizing security. Apple, for example, recently withdrew its encrypted iCloud backup system from the UK after receiving a secret government order. The company’s compliance would require creating a backdoor, a move expected to be challenged in court on March 14. Similarly, Sweden is considering laws requiring messaging services like Signal and WhatsApp to retain message copies for law enforcement access, prompting Signal to threaten market exit.

“Some democracies are reverting to crude approaches to circumvent encryption,” says Callum Voge, director of governmental affairs at the Internet Society.

A growing concern is client-side scanning, a technology that scans messages on users’ devices before encryption. While presented as a compromise, experts argue it introduces vulnerabilities. The EU has debated its implementation for years, with some member states advocating stronger encryption while others push for increased surveillance. Apple abandoned a similar initiative after warning that scanning for one type of content could pave the way for mass surveillance.

“Europe is divided, with some countries strongly in favor of scanning and others strongly against it,” says Voge.

Another pressing threat is the potential banning of encrypted services. Russia blocked Signal in 2024, while India’s legal battle with WhatsApp could force the platform to abandon encryption or exit the market. The country has already prohibited multiple VPN services, further limiting digital privacy options.

Despite mounting threats, pro-encryption responses have emerged. The US Cybersecurity and Infrastructure Security Agency and the FBI have urged encrypted communication use following recent cybersecurity breaches. Sweden’s armed forces also endorse Signal for unclassified communications, recognizing its security benefits.

With the UK’s March 14 legal proceedings over Apple’s backdoor request approaching, US senators and privacy organizations are demanding greater transparency. UK civil rights groups are challenging the confidential nature of such surveillance orders.

“The UK government may have come for Apple today, but tomorrow it could be Google, Microsoft, or even your VPN provider,” warns Privacy International.

Encryption remains fundamental to human rights, safeguarding free speech, secure communication, and data privacy. “Encryption is crucial because it enables a full spectrum of human rights,” says Namrata Maheshwari of Access Now. “It supports privacy, freedom of expression, organization, and association.”

As governments push for greater surveillance, the fight for encryption and privacy continues, shaping the future of digital security worldwide.

Thousands of iOS Apps Expose Sensitive Data Through Hardcoded Secrets, Researchers Warn



 

iOS

API Keys App security cloud storage Cybersecurity Data Breach Data Leak Encryption Hardcoded Secrets iOS

Thousands of iOS Apps Expose Sensitive Data Through Hardcoded Secrets, Researchers Warn

Cybersecurity researchers have uncovered alarming vulnerabilities in thousands of iOS applications, revealing that hardcoded secrets in their code have put users' sensitive information at risk.

A recent analysis by Cybernews examined over 156,000 iOS apps and detected more than 815,000 hardcoded secrets—some of which are highly sensitive and could potentially lead to security breaches or data leaks.

The term "secret" broadly refers to sensitive credentials like API keys, passwords, and encryption keys. These are often embedded directly into an app’s source code for convenience during development, but developers sometimes fail to remove them before release. According to Cybernews, the average iOS app exposes 5.2 secrets, and 71% of apps contain at least one leaked credential.

While some of these hardcoded secrets pose minimal risk, the report highlights serious threats. Researchers identified over 83,000 cloud storage endpoints, with 836 exposed without authentication, potentially leaking more than 400TB of data. Additionally, 51,000 Firebase endpoints were discovered, thousands of which were accessible to outsiders. Other exposed credentials include API keys for platforms like Fabric API, Live Branch, and MobApp Creator.

Among the most critical findings were 19 hardcoded Stripe secret keys, which directly control financial transactions. Cybernews researchers emphasized the severity of this issue, stating: “Stripe is widely used by e-commerce and even fintech companies to handle online payments.”

This vulnerability could allow cybercriminals to manipulate transactions or gain unauthorized access to payment infrastructure.

The findings challenge the common belief that iOS apps offer stronger security compared to other platforms.

“Many people believe that iOS apps are more secure and less likely to contain malware. However, our research shows that many apps in the ecosystem contain easily accessible hardcoded credentials. We followed the trail and found open databases with personal data and accessible infrastructure,” said Aras Nazarovas, a security researcher at Cybernews.

This study underscores the importance of secure coding practices and urges developers to adopt better security protocols to prevent data breaches and unauthorized access.

Hawcx Aims to Solve Passkey Challenges with Passwordless Authentication



 

Technology

Authentication Cybersecurity Digital Identity Encryption Passkeys Passwordless Technology

Hawcx Aims to Solve Passkey Challenges with Passwordless Authentication

Passwords remain a staple of online security, despite their vulnerabilities. According to Verizon, nearly one-third of all reported data breaches in the past decade resulted from stolen credentials, including some of the largest cyberattacks in history.

In response, the tech industry has championed passkeys as a superior alternative to passwords. Over 15 billion accounts now support passkey technology, with major companies such as Amazon, Apple, Google, and Microsoft driving adoption.

However, widespread adoption remains sluggish due to concerns about portability and usability. Many users find passkeys cumbersome, particularly when managing access across multiple devices.

Cybersecurity startup Hawcx is addressing these passkey limitations with its innovative authentication technology. By eliminating key storage and transmission issues, Hawcx enhances security while improving usability.

Users often struggle with passkey setup and access across devices, leading to account lockouts and costly recovery—a significant challenge for businesses. As Dan Goodin of Ars Technica highlights, while passkeys offer enhanced security, their complexity can introduce operational inefficiencies at scale.

Hawcx, founded in 2023 by Riya Shanmugam (formerly of Adobe, Google, and New Relic), along with Selva Kumaraswamy and Ravi Ramaraju, offers a platform-agnostic solution. Developers can integrate its passwordless authentication by adding just five lines of code.

Unlike traditional passkeys, Hawcx does not store or transmit private keys. Instead, it cryptographically generates private keys each time a user logs in. This method ensures compatibility with older devices that lack modern hardware for passkey support.

“We are not reinventing the wheel fundamentally in most of the processes we have built,” Shanmugam told TechCrunch.

If a user switches devices, Hawcx’s system verifies authenticity before granting access, without storing additional private keys on the new device or in the cloud. This approach differs from standard passkeys, which require syncing private keys across devices or through cloud services.

“No one is challenging beyond the foundation,” Shanmugam said. “What we are challenging is the foundation itself. We are not building on top of what passkeys as a protocol provides. We are saying this protocol comes with an insane amount of limitations for users, enterprises, and developers, and we can make it better.”

Although Hawcx has filed patents, its technology has yet to be widely deployed or independently validated—factors that could influence industry trust. However, the company recently secured $3 million in pre-seed funding from Engineering Capital and Boldcap to accelerate development and market entry.

Shanmugam revealed that Hawcx is in talks with major banks and gaming companies for pilot programs set to launch in the coming weeks. These trials, expected to run for three to six months, will help refine the technology before broader implementation. Additionally, the startup is working with cryptography experts from Stanford University to validate its approach.

“As we are rolling out passkeys, the adoption is low. It’s clear to me that as good as passkeys are and they have solved the security problem, the usability problem still remains,” Tushar Phondge, director of consumer identity at ADP, told TechCrunch.

ADP plans to pilot Hawcx’s solution to assess its effectiveness in addressing passkey-related challenges, such as device dependency and system lockups.

Looking ahead, Hawcx aims to expand its authentication platform by integrating additional security services, including document verification, live video authentication, and background checks.

Frances Proposes Law Requiring Tech Companies to Provide Encrypted Data



 

AI Backdoor Data Encryption Pegasus Spyware Technology WhatsApp

Frances Proposes Law Requiring Tech Companies to Provide Encrypted Data

Law demanding companies to provide encrypted data

New proposals in the French Parliament will mandate tech companies to give decrypted messages, email. If businesses don’t comply, heavy fines will be imposed.

France has proposed a law requiring end-to-end encryption messaging apps like WhatsApp and Signal, and encrypted email services like Proton Mail to give law enforcement agencies access to decrypted data on demand.

The move comes after France’s proposed “Narcotraffic” bill, asking tech companies to hand over encrypted chats of suspected criminals within 72 hours.

The law has stirred debates in the tech community and civil society groups because it may lead to building of “backdoors” in encrypted devices that can be abused by threat actors and state-sponsored criminals.

Individuals failing to comply will face fines of €1.5m and companies may lose up to 2% of their annual world turnover in case they are not able to hand over encrypted communications to the government.

Criminals will exploit backdoors

Few experts believe it is not possible to bring backdoors into encrypted communications without weakening their security.

According to Computer Weekly’s report, Matthias Pfau, CEO of Tuta Mail, a German encrypted mail provider, said, “A backdoor for the good guys only is a dangerous illusion. Weakening encryption for law enforcement inevitably creates vulnerabilities that can – and will – be exploited by cyber criminals and hostile foreign actors. This law would not just target criminals, it would destroy security for everyone.”

Researchers stress that the French proposals aren’t technically sound without “fundamentally weakening the security of messaging and email services.” Similar to the “Online Safety Act” in the UK, the proposed French law exposes a serious misunderstanding of the practical achievements with end-to-end encrypted systems. Experts believe “there are no safe backdoors into encrypted services.”

Use of spyware may be allowed

The law will allow using infamous spywares such as NSO Group’s Pegasus or Pragon that will enable officials to remotely surveil devices. “Tuta Mail has warned that if the proposals are passed, it would put France in conflict with European Union laws, and German IT security laws, including the IT Security Act and Germany’s Telecommunications Act (TKG) which require companies to secure their customer’s data,” reports Computer Weekly.

Protect Your Security Cameras from Hackers with These Simple Steps



 

Security Cameras

Encryption Hackers Passwords Privacy Security Cameras

Protect Your Security Cameras from Hackers with These Simple Steps

Security cameras are meant to keep us safe, but they can also become targets for hackers. If cybercriminals gain access, they can spy on you or tamper with your footage. To prevent this, follow these straightforward tips to ensure your security cameras remain under your control.

1. Avoid Cheap or Second-Hand Cameras

While it might be tempting to buy an inexpensive or used security camera, doing so can put your privacy at risk. Unknown brands or knockoffs may have weak security features, making them easier to hack. Used cameras, even if reset, could still contain old software vulnerabilities or even hidden malware. Always choose reputable brands with good security records.

2. Choose Cameras with Strong Encryption

Encryption ensures that your video data is protected from unauthorized access. Look for brands that offer end-to-end encryption, which keeps your footage secure even if intercepted. Some brands, like Ring and Arlo, provide full encryption options, while others offer partial protection. The more encryption a company provides, the better your data is protected.

3. Research Security Reputation Before Buying

Before purchasing a camera, check if the company has a history of data breaches or security flaws. Some brands have had incidents where hackers accessed user data, so it’s essential to choose a manufacturer with a strong commitment to cybersecurity. Look for companies that use offline storage or advanced security features to minimize risks.

4. Strengthen Your Wi-Fi and App Passwords

A weak Wi-Fi password can allow hackers to access all connected devices in your home, including security cameras. Always use a strong, unique password for both your Wi-Fi network and camera app. Enable encryption on your router, activate built-in firewalls, and consider using a virtual private network (VPN) for extra protection. If you experience life changes like moving or breaking up with a partner, update your passwords to prevent unauthorized access.

5. Keep Your Camera Software Updated

Security camera companies regularly release updates to fix vulnerabilities and improve protection. If your camera has an option for automatic updates, turn it on. If not, make sure to check for updates manually through your camera app to ensure your system has the latest security patches.

6. Enable Two-Factor Authentication (2FA)

Two-factor authentication adds an extra layer of security by requiring a second verification step, such as a text message or email code, before logging in. This prevents unauthorized users from accessing your camera, even if they have your password.

Modern security cameras are much safer than before, thanks to improved encryption and security features. Most hacking attempts happen when users fail to secure their accounts or choose unreliable brands. However, there is still a risk if the camera company itself experiences a data breach. To minimize exposure, consider cameras with local storage or privacy covers for indoor models.

Who Tries to Hack Security Cameras?

In most cases, security cameras are not hacked by strangers. Instead, unauthorized access usually comes from people you know, such as an ex-partner or family member who already has login details. Occasionally, unethical employees at security companies have been caught misusing access. Ensuring strong passwords, encryption, and additional security measures can help prevent these issues.

By following these simple steps, you can keep your security cameras safe from hackers and ensure your home remains private and secure.

RSA Encryption Breached by Quantum Computing Advancement



 

Technology

Cryptographic CyberCrime Cybersecurity CyberThreat Encryption Quantum computing RSA Technology

RSA Encryption Breached by Quantum Computing Advancement

A large proportion of the modern digital world involves everyday transactions taking place on the internet, from simple purchases to the exchange of highly sensitive corporate data that is highly confidential. In this era of rapid technological advancement, quantum computing is both perceived as a transformative opportunity and a potential security threat.

Quantum computing has been generating considerable attention in recent years, but as far as the 2048-bit RSA standard is concerned, it defies any threat these advances pose to the existing encryption standards that have been in use for decades. Several cybersecurity experts have expressed concern about quantum technologies potentially compromising military-grade encryption because of the widespread rumours.

However, these developments have not yet threatened robust encryption protocols like AES and TLS, nor do they threaten high-security encryption protocols like SLA or PKI. In addition to being a profound advancement over classical computing, quantum computing utilizes quantum mechanics principles to produce computations that are far superior to classical computation.

Despite the inherent complexity of this technology, it has the potential to revolutionize fields such as pharmaceutical research, manufacturing, financial modelling, and cybersecurity by bringing enormous benefits. The quantum computer is a device that combines the unique properties of subatomic particles with the ability to perform high-speed calculations and is expected to revolutionize the way problems are solved across a wide range of industries by exploiting their unique properties.

Although quantum-resistant encryption has been the focus of much attention lately, ongoing research is still essential if we are to ensure the long-term security of our data. As a major milestone in this field occurred in 2024, researchers reported that they were able to successfully compromise RSA encryption, a widely used cryptography system, with a quantum computer.

To ensure the security of sensitive information transferred over digital networks, data encryption is an essential safeguard. It converts the plaintext into an unintelligible format that can only be decrypted with the help of a cryptographic key that is designated by the sender of the encrypted data. It is a mathematical value which is known to both the sender and the recipient but it is only known to them. This set of mathematical values ensures that only authorized parties can access the original information.

To be able to function, cryptographic key pairs must be generated, containing both a public key and a private key. Plaintext is encrypted using the public key, which in turn encrypts it into ciphertext and is only decryptable with the corresponding private key. The primary principle of RSA encryption is that it is computationally challenging to factor large composite numbers, which are formed by multiplying two large prime numbers by two.

Therefore, RSA encryption is considered highly secure. As an example, let us consider the composite number that is released when two 300-digit prime numbers are multiplied together, resulting in a number with a 600-digit component, and whose factorization would require a very long period if it were to be done by classical computing, which could extend longer than the estimated lifespan of the universe.

Despite the inherent complexity of the RSA encryption standard, this standard has proven to be extremely resilient when it comes to securing digital communications. Nevertheless, the advent of quantum computing presents a formidable challenge to this system. A quantum computer has the capability of factoring large numbers exponentially faster than classical computers through Shor's algorithm, which utilizes quantum superposition to perform multiple calculations at once, which facilitates the simultaneous execution of many calculations at the same time.

Among the key components of this process is the implementation of the Quantum Fourier Transform (QFT), which extracts critical periodic values that are pertinent to refining the factorization process through the extraction of periodic values. Theoretically, a quantum computer capable of processing large integers could be able to break down the RSA encryption into smaller chunks of data within a matter of hours or perhaps minutes, effectively rendering the security of the encryption susceptible.

As quantum computing advances, the security implications for cryptographic systems such as RSA are under increasing threat, necessitating that quantum-resistant encryption methodologies must be developed. There is a significant threat posed by quantum computers being able to decrypt such encryption mechanisms, and this could pose a substantial challenge to current cybersecurity frameworks, underscoring the importance of continuing to improve quantum-resistant cryptographic methods.

The classical computing system uses binary bits for the representation of data, which are either zero or one digits. Quantum computers on the other hand use quantum bits, also called qubits, which are capable of occupying multiple states at the same time as a result of the superposition principle. As a result of this fundamental distinction, quantum computers can perform highly complex computations much faster than classical machines, which are capable of performing highly complex computations.

As an example of the magnitude of this progress, Google reported a complex calculation that it successfully performed within a matter of seconds on its quantum processor, whereas conventional computing technology would have taken approximately 10,000 years to accomplish. Among the various domains in which quantum computing can be applied, a significant advantage can be seen when it comes to rapidly processing vast datasets, such as the artificial intelligence and machine learning space.

As a result of this computational power, there are also cybersecurity concerns, as it may undermine existing encryption protocols by enabling the decryption of secure data at an unprecedented rate, which would undermine existing encryption protocols. As a result of quantum computing, it is now possible for long-established cryptographic systems to be compromised by quantum computers, raising serious concerns about the future security of the internet. However, there are several important caveats to the recent study conducted by Chinese researchers which should be taken into account.

In the experiment, RSA encryption keys were used based on a 50-bit integer, which is considerably smaller and less complex than the encryption standards used today in security protocols that are far more sophisticated. RSA encryption is a method of encrypting data that relies on the mathematical difficulty of factoring large prime numbers or integers—complete numbers that cannot be divided into smaller fractions by factors.

To increase the security of the encryption, the process is exponentially more complicated with larger integers, resulting in a greater degree of complexity. Although the study by Shanghai University proved that 50-bit integers can be decrypted successfully, as Ron Rivest, Adi Shamir, and Leonard Adleman have stressed to me, this achievement has no bearing on breaking the 2048-bit encryption commonly used in current RSA implementations. This achievement, however, is far from achieving any breakthrough in RSA. As a proof of concept, the experiment serves rather as a potential threat to global cybersecurity rather than as an immediate threat.

It was demonstrated in the study that quantum computers are capable of decrypting relatively simple RSA encryption keys, however, they are unable to crack the more robust encryption protocols that are currently used to protect sensitive digital communications. The RSA algorithm, as highlighted by RSA Security, is the basis for all encryption frameworks across the World Wide Web, which means that almost all internet users have a vested interest in whether or not these cryptographic protections remain reliable for as long as possible. Even though this experiment does not signal an imminent crisis, it certainly emphasizes the importance of continuing to be vigilant as quantum computing technology advances in the future.

Report: Telegram Crypto Scammers Adopt More Sophisticated Tactics



 

Crypto scams Cyber Fraud Encryption malware scams phishing tactics Telegram

Report: Telegram Crypto Scammers Adopt More Sophisticated Tactics

Telegram, a popular communications app known for encrypted messaging and calls, has become a prime target for sophisticated malware scams, according to the Web3-focused Scam Sniffer account on X. Sharing data on the platform, Scam Sniffer revealed that scammers on Telegram are now deploying malware instead of traditional phishing tactics.

The app, often considered an alternative to WhatsApp and Signal, offers privacy through encryption, making it attractive for both legitimate users and scammers. Previously, cryptocurrency scams on Telegram relied heavily on phishing techniques involving spoofed web pages and social engineering to extract sensitive information or access to crypto wallets.

However, the latest scam wave employs deceptive tools like fake verification bots, scam trading groups, and so-called “exclusive alpha groups,” as noted by Scam Sniffer. Victims are tricked into installing malware disguised as verification tools. Once installed, the malware can access passwords, wallets, clipboard data, and even browser information, leaving victims highly vulnerable.

Scammers have shifted to malware schemes partly because users are now more aware of traditional phishing tactics. Scam Sniffer pointed out that these new approaches make it harder to trace the source of the scams. The rise in cryptocurrency scams has been dramatic, with data showing over 2000% growth in dedicated scam groups. Bitcoin's soaring value, surpassing $100,000, has made cryptocurrency users more frequent targets.

Telegram has actively banned accounts involved in these scams, but managing the volume of malicious actors remains challenging. The website “Web3 is Going Great,” which tracks Web3-related scams, reports $7.84 million in losses from scams and hacks so far this year.

Bitcoin Security Concerns Amid Quantum Computing Advancements



 

Quantum computing

Bitcoin Bitcoin Vulnerability Blockchain Blockchain Technology Computing Cryptography Cyber Secuirty Encryption Quantum computing

Bitcoin Security Concerns Amid Quantum Computing Advancements

Chamath Palihapitiya, CEO of Social Capital, has raised alarms over Bitcoin’s future security, cautioning that its SHA-256 encryption may become vulnerable within the next two to five years. Speaking on the All-In Podcast, he highlighted rapid advancements in quantum computing, particularly Google’s unveiling of the Willow quantum chip featuring 105 qubits. Palihapitiya estimates that 8,000 such chips could potentially breach SHA-256 encryption, underscoring the pressing need for blockchain networks to adapt.

Quantum Computing's Impact on Cryptography

While acknowledging the infancy of quantum computing, Palihapitiya pointed to Google’s Willow chip as a pivotal development that could accelerate breakthroughs in cryptography. Despite scalability challenges, he remains optimistic that the cryptocurrency sector will evolve to develop quantum-resistant encryption methods.

Not all experts share his concerns, however. Ki Young Ju, founder of CryptoQuant, has expressed confidence that Bitcoin’s encryption is unlikely to face quantum threats within this decade.

Satoshi Nakamoto’s Early Solutions

Bitcoin’s pseudonymous creator, Satoshi Nakamoto, had anticipated such scenarios. In 2010, Satoshi proposed that the Bitcoin community could agree on the last valid blockchain snapshot and transition to a new cryptographic framework if SHA-256 were compromised. However, these early solutions are not without controversy.

Emin Gün Sirer, founder of Avalanche, has warned that some of Satoshi’s early-mined coins used an outdated Pay-To-Public-Key (P2PK) format, which exposes public keys and increases the risk of exploitation. Sirer suggested the Bitcoin community should consider freezing these coins or setting a sunset date for outdated transactions to mitigate risks.

Recent advancements in quantum computing, including Google’s Willow chip, briefly unsettled the cryptocurrency market. A sudden wave of liquidations resulted in $1.6 billion being wiped out within 24 hours. However, Bitcoin demonstrated resilience, reclaiming the $100,000 resistance level and achieving a 4.6% weekly gain.

Proactive Measures for Long-Term Security

Experts widely agree that proactive steps, such as transitioning to quantum-resistant cryptographic frameworks, will be essential for ensuring Bitcoin’s long-term security. As the quantum era approaches, collaboration and innovation within the cryptocurrency community will be pivotal in maintaining its robustness against emerging threats.

The ongoing advancements in quantum computing present both challenges and opportunities. While they highlight vulnerabilities in existing systems, they also drive the cryptocurrency sector toward innovative solutions that will likely define the next chapter in its evolution.

Google's Quantum Computing Leap: Introducing the "Willow" Chip



 

Technology

Encryption Google Oxford University Quantum computing Technology

Google's Quantum Computing Leap: Introducing the "Willow" Chip

Google has made a significant stride in quantum computing with the announcement of its latest chip, named "Willow." According to Google, this advanced chip can solve problems in just five minutes that would take the most powerful supercomputers on Earth an astonishing 10 septillion years to complete. This breakthrough underscores the immense potential of quantum computing, a field that seeks to harness the mysterious and powerful principles of quantum mechanics.

What is Quantum Computing?

Quantum computing represents a revolutionary leap in technology, distinct from traditional computing. While classical computers use "bits" to represent either 0 or 1, quantum computers use "qubits," which can represent multiple states simultaneously. This phenomenon, known as superposition, arises from quantum mechanics—a branch of physics studying the behavior of particles at extremely small scales. These principles allow quantum computers to process massive amounts of information simultaneously, solving problems that are far beyond the reach of even the most advanced classical computers.

Key Achievements of Willow

Google's Willow chip has tackled one of the most significant challenges in quantum computing: error rates. Typically, increasing the number of qubits in a quantum system leads to higher chances of errors, making it difficult to scale up quantum computers. However, Willow has achieved a reduction in error rates across the entire system, even as the number of qubits increases. This makes it a more efficient and reliable product than earlier models.

That said, Google acknowledges that Willow remains an experimental device. Scalable quantum computers capable of solving problems far beyond the reach of current supercomputers are likely years away, requiring many additional advancements.

Applications and Risks of Quantum Computing

Quantum computers hold the promise of solving problems that are impossible for classical computers, such as:

Designing better medicines and more efficient batteries.
Optimizing energy systems for greater efficiency.
Simulating complex systems, like nuclear fusion reactions, to accelerate clean energy development.

However, this power also comes with risks. For example, quantum computers could potentially "break" existing encryption methods, jeopardizing sensitive information. In response, companies like Apple are already developing "quantum-proof" encryption to counter future threats.

Global Efforts in Quantum Computing

Google's Willow chip was developed in a cutting-edge facility in California, but the race for quantum supremacy is global:

The UK has established a National Quantum Computing Centre to support research and development.
Japan and researchers at Oxford University are exploring alternative methods, such as room-temperature quantum computing.

These international efforts reflect intense competition to lead this transformative technology.

A Step Towards the Future

Experts describe Willow as an important milestone rather than a definitive breakthrough. While it is a game-changing chip, challenges such as further reductions in error rates remain before quantum computers see widespread practical use. Nevertheless, Google’s advancements have brought the world closer to a future where quantum computing can revolutionize industries and solve some of humanity’s most complex challenges.

This remarkable progress highlights the vast potential of quantum computing while reminding us of the responsibility to use its power wisely.

NEW Qilin Ransomware Variant Emerges with Improved Evasion Techniques



 

Ransomware

Encryption malware NHS Obfuscation Technique Qilin RaaS Ransomware

NEW Qilin Ransomware Variant Emerges with Improved Evasion Techniques

A much more potent version of the Qilin ransomware has been found, according to cybersecurity experts, showing a new and revamped kind that is ready to attack core systems using advanced encryption along with improved stealth techniques.

A Rebranding with a Twist: Qilin's Evolution

The Qilin ransomware operation, which first appeared in July 2022, has now morphed into a more formidable opponent with a new version dubbed "Qilin.B." Known previously as "Agenda," the malware was rebranded and rewritten in Rust, a programming language harder to detect and often used for high-performance systems. The Qilin group is notorious for demanding multi-million dollar ransoms, focusing on high-stakes sectors such as healthcare, where operational disruptions can be particularly severe.

Qilin's latest incarnation has been a powerful tool in mass-attack campaigns. Just last year, a significant cyber attack was launched against Synnovis, a pathology firm providing services to the United Kingdom's NHS, which resulted in the cancellation of thousands of hospital and family doctor appointments. In return for collaborating on campaigns, Qilin partners are promised a large percentage of ransom payments, up to 85% — an arrangement that is structured to encourage high-paying ransomware attacks with the highest payoffs.

Improved Encryption and Obfuscation

This variant, Qilin.B, has the following methods that make their detection a hard nut to crack by the standard systems of security. According to Halcyon, a research firm specialising in cybersecurity, enhanced encryption, such as AES-256-CTR systems that support AESNI, together with RSA-4096 and OAEP padding have been seen in this particular variant. Such standards ensure that decrypting files from this threat is impossible minus the private key, as the case of preventive actions being the only way forward.

Further, the obfuscation technique is available in Qilin.B with which the developers hide the coding language of malware in order to prevent detection via signature-based detection systems. Such evasion mechanisms make the detection and quick response even more difficult by the cyber security teams in case of infections. As reported by the researchers from Halcyon, who had studied malware upgrades, increasing sophistication can be seen in ransomware tactics, specifically Qilin.B was developed to resist reverse engineering as well as delay incident response.

New Tactics to Dodge System Defences

Qilin.B disables important system services such as backup and removes volume shadow copy to prevent rollback of the infected systems. In addition, it disables restarts and self-cleans up by removing the ransomware after a successful attack to minimise digital artefacts. All these features make it more robust for defence against evolving ransomware groups that will continue to change their approach to remain at least a step ahead of security patches.

Growing Need for Cross-Platform Security

As Qilin ransomware is becoming more agile, security experts say the cybersecurity posture of organisations must be more offensive-minded. Qilin.B is rebuilt in Rust and can be executed properly across different environments-from Linux to VMware's ESXi hypervisor. The required security monitoring needs to recognize stealthy methods identified with Qilin.B, including detection of code compiled in Rust because traditional systems would fail to counter it.

Advanced Configurations and Control

Qilin.B. This is another notable configuration option from the attackers so that one can personalise his attack. Thus, this version comes along with new names for some functions, encrypted strings and other complex code, in order to take more time for defence activities and forensic analysis of an incident. According to researchers of the Halcyon company, the best behaviour-based detecting systems should be implemented and it can easily find out what malware does, without the outdated method of searching for signatures by which malware has successfully dodged, in this case.

With the advancements of Qilin.B in terms of encryption and evasion, the security firm Halcyon recommends that organisations supplement their security infrastructure with cross-platform monitoring and backup solutions which are designed to fight against ransomware attacks' newest variations. A more complete system in detecting and responding to threats will still be an asset as ransomware advances through networks well-protected.

Continuous improvement in ransomware-as-a-service (RaaS) points to the intensifying threat that organisations have to grapple with as they secure sensitive data from increasingly sophisticated adversaries. The Qilin operation exemplifies how ransomware groups continue to adapt themselves to avoid defences, so proactive and adaptive security measures are justified in industries.

CISA Proposes New Security Measures to Protect U.S. Personal and Government Data



 

Vulnerability

AI developers CISA Cyber Security data security Encryption Executive Order 14117 government data National Security U.S. personal data Vulnerability

CISA Proposes New Security Measures to Protect U.S. Personal and Government Data

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has proposed a series of stringent security requirements to safeguard American personal data and sensitive government information from potential adversarial states. The initiative aims to prevent foreign entities from exploiting data vulnerabilities and potentially compromising national security.

These new security protocols target organizations involved in restricted transactions that handle large volumes of U.S. sensitive personal data or government-related data, especially when such information could be exposed to "countries of concern" or "covered persons." This proposal is part of the broader implementation of Executive Order 14117, signed by President Biden earlier this year, which seeks to address critical data security risks that could pose threats to national security.

The scope of affected organizations is wide, including technology companies such as AI developers, cloud service providers, telecommunications firms, health and biotech organizations, financial institutions, and defense contractors. These businesses are expected to comply with the new security measures to prevent unauthorized access to sensitive information.

"CISA’s security requirements are split into two main categories: organizational/system-level requirements and data-level requirements," stated the agency. Below is a breakdown of some of the proposed measures:

Monthly Asset Inventory: Organizations must maintain and update a comprehensive asset inventory that includes IP addresses and hardware MAC addresses.
Vulnerability Remediation: Known exploited vulnerabilities should be addressed within 14 days, while critical vulnerabilities, regardless of known exploitation, must be remediated within 15 days. High-severity vulnerabilities should be resolved within 30 days.
Accurate Network Topology: Companies must maintain a precise network topology, which is crucial for identifying and responding to security incidents swiftly.
Multi-Factor Authentication (MFA): All critical systems must enforce MFA, and passwords must be at least 16 characters long. Immediate access revocation is required upon employee termination or a change in roles.
Unauthorized Hardware Control: Organizations must ensure that unauthorized hardware, such as USB devices, cannot be connected to systems handling sensitive data.
Log Collection: Logs of access and security-related events, including intrusion detection/prevention, firewall activity, data loss prevention, VPN usage, and login events, must be systematically collected.
Data Reduction and Masking: To prevent unauthorized access, organizations should reduce the volume of data collected or mask it, and encrypt data during restricted transactions.
Encryption Key Security: Encryption keys must not be stored alongside the encrypted data, nor in any country of concern.
Advanced Privacy Techniques: The use of techniques like homomorphic encryption or differential privacy is encouraged to ensure sensitive data cannot be reconstructed from processed data.

CISA has called for public feedback on the proposed security measures before they are finalized. Interested parties can submit their comments by visiting regulations.gov, entering CISA-2024-0029 in the search bar, and submitting feedback through the available form.

How Ignoring These Wi-Fi Settings Can Leave You Vulnerable to Hackers



 

WiFi

Cyber Threats Encryption Online Security Privacy WiFi

How Ignoring These Wi-Fi Settings Can Leave You Vulnerable to Hackers

In today's plugged-in world, most of us rely on the Internet for nearly everything from shopping and banking to communicating with family members. Whereas increasing reliance on the internet has exposed opportunities for doing just about anything remotely, it also increases the chances that cyber thieves will target your home Wi-Fi network looking for a weak point to pry into. Thus, securing your home network is critical to your own privacy.

The Importance of Router Settings

But for privacy lawyer Alysa Hutnik, the most common mistake isn't what people do but rather what they don't: namely, change the default settings on their Wi-Fi routers. The default settings on every router are public knowledge, and that's how hackers get in. "You wouldn't leave your front door open," she points out-a failure to alter these default settings is a little different from that.

The very first thing in securing your Wi-Fi network is changing the default password to something strong and unique. This would reduce the chances of unauthorised access significantly. You may also want to take a look at all the other configurations you can make on your router to optimise security features.

Encryption: Protecting Your Data

Another thing you should do to secure your home network is to enable encryption. Most of the current routers do offer some form of encryption options, like WPA (Wi-Fi Protected Access). This encrypts information in such a way that while travelling over your network, it makes hacking even more inconvenient to intercept. If you have not enabled the encryption on your router then it's pretty much the same as leaving personal information lying around open for everyone to grab. A check on your settings and enabling the WPA encryption adds the much-needed layer of defence.

Check Security Settings on All Devices

Securing your home network doesn't stop at the router. Any device that connects to your Wi-Fi should have its privacy and security settings properly enabled as well. Hutnik says that whenever you bring home a new device, a new phone, smart speaker, or laptop, it takes a few minutes to read through the options for privacy and security settings. Many devices have configurations not optimised for security by default. Usually, those configurations can be customised in a minute or two.

Quick Easy-to-Follow Steps to Mitigate Risk

Beyond the configuration of your network and devices, Hutnik calls you to take a few extra precautionary actions regarding your privacy. One such action is sticking tape on your webcam when you are not using it. There is always the prospect of hackers taking control of your camera through malware, so spying on you. As simple as placing a sticker or a Post-it note on your webcam might give you relief over it.

Sure enough, these measures won't protect you from cyber-attacks right and left, but they certainly reduce the risk. The more of our lives we put online, the more important it becomes that we take time to harden our home networks and equipment.

Stay Vigilant and Stay Protected

This will help protect you more from hackers and other online threats: understanding home network vulnerabilities and taking preventive actions about routers, using encryption, and checking your devices' settings. It involves the little things like covering your webcam and thereby trying to ensure that these little habits make you a safer human being on the internet.

Take small steps in securing your home network to avoid many future headaches and ensure that your personal info does not end up in cyber-criminals' pockets.

Exploring the Tor Network: A Comprehensive Look at Online Anonymity and Privacy



 

TOR

anonymization Browser Cyber Security Darknet Encryption Network Online Privacy Security servers TOR

Exploring the Tor Network: A Comprehensive Look at Online Anonymity and Privacy

The Tor network, originally developed in the early 2000s by the U.S. Naval Research Laboratory, has been operated since 2006 by the independent non-profit organization, The Tor Project. The project's primary goal is to offer a free method for anonymizing internet traffic. Approximately 85% of The Tor Project’s funding comes from U.S. government entities, while the remaining 15% is sourced from private donations and NGOs.

Tor, which stands for "The Onion Router," functions by routing a user's connection through three randomly selected servers (nodes), layering encryption like the layers of an onion. The destination site only detects the IP address of the final node, called the exit server, masking the user's original address. The system refreshes the connection route every 10 minutes, though the access node remains stable for two to three months.

Data transferred within the Tor network is encrypted until it reaches the exit server. However, users must still encrypt any sensitive information entered on websites, as data exiting the network can be read if it's not further encrypted. To access Tor, users need a specialized browser—like the Tor browser, based on Mozilla Firefox and configured for secure browsing.

With about 6,500 servers currently active worldwide, individuals, companies, and organizations operate these nodes. Any internet user with a DSL connection can set up a Tor node. However, the network's openness can be a vulnerability; if an exit node operator is not vigilant, unencrypted data can be intercepted. Additionally, sophisticated entities, such as intelligence agencies, could potentially track Tor users by analyzing traffic patterns or compromising nodes.

Despite these risks, Tor remains the most secure method of maintaining anonymity online. Around two million people, particularly those in heavily monitored states, use the Tor network daily. The darknet, a collection of hidden websites, also depends on Tor's anonymization for access.

New Trinity Ransomware Strain Targets U.S. Healthcare, Federal Officials Warn



 

Victim

Cyber Security Cybersecurity Data Breach Encryption Extortion Healthcare HHS Ransomware Ransomware attack Trinity Victim

New Trinity Ransomware Strain Targets U.S. Healthcare, Federal Officials Warn

A new ransomware strain, known as Trinity, has reportedly compromised at least one healthcare organization in the U.S., according to a recent report from federal authorities.

The U.S. Department of Health and Human Services (HHS) issued a warning on Friday, alerting hospitals about the serious threat posed by the ransomware group. They highlighted that Trinity’s methods make it a "notable risk" to both the U.S. healthcare and public health sectors.

HHS's Health Sector Cybersecurity Coordination Center confirmed that one U.S. healthcare entity has recently fallen victim to the Trinity ransomware, which was first detected around May 2024.

To date, seven victims of Trinity ransomware have been identified, including two healthcare providers—one in the U.K. and another in the U.S. The latter, a gastroenterology services provider, lost 330 GB of data. While the facility remains unnamed, it has been listed on Trinity’s data leak site and is currently facing technical disruptions, including limited phone access.

Additionally, researchers have found another case involving a dental group based in New Jersey.

HHS noted similarities between Trinity and two other ransomware groups—2023Lock and Venus—hinting at potential collaboration between these cybercriminals.

Trinity ransomware mirrors other known operations by exploiting common vulnerabilities to extract data and extort victims.

After installation, the ransomware gathers system information, such as available processors and drives, to escalate its attack. Operators then scan for weaknesses to spread the ransomware within the network.

The files encrypted by the attack are marked with the “trinitylock” extension, and victims receive a ransom note demanding payment within 24 hours, with threats of data exposure if they fail to comply.

At present, there is no available decryption tool for Trinity, leaving victims with few options, according to the HHS advisory.

The attackers operate two websites: one to assist those who pay the ransom with decryption, and another that displays stolen data to extort victims further.

Federal officials have discovered code similarities between the Trinity and Venus ransomware strains, noting identical encryption methods and naming schemes, which suggest a close link between them. Trinity also shares features with 2023Lock, including identical ransom notes and code, implying it could be an updated variant.

Cybersecurity researchers have also pointed out that Trinity may be a rebranded version of both Venus and 2023Lock. According to Allan Liska of Recorded Future, Trinity is "not a highly advanced strain of ransomware," and the attackers do not appear particularly sophisticated.

HHS emphasized that the potential collaboration between these threat actors could enhance the complexity and impact of future ransomware attacks.

Previous HHS warnings have covered other ransomware groups such as Royal, Cuba, Venus, Lorenz, and Hive.

Despite heightened law enforcement efforts, ransomware attacks persist, with operations continuing to generate significant revenue—approximately $450 million in the first half of 2024 alone.

The healthcare sector has been particularly affected by these attacks, causing severe disruptions. Just last week, a Texas hospital, the only level 1 trauma center in a 400-mile radius, had to reduce services and turn away ambulances due to a ransomware incident.

As of Friday, the hospital reported restored phone services, with only a limited number of ambulances being redirected to other facilities.

China-backed Hackers Breach U.S. Telecom Wiretap Systems, Sparking Security Concerns



 

wiretapping

CALEA China Cybersecurity Data Breach Encryption Hackers Privacy surveillance Telecom wiretapping

China-backed Hackers Breach U.S. Telecom Wiretap Systems, Sparking Security Concerns

China-backed hackers infiltrated wiretap systems of multiple U.S. telecom and internet providers, reportedly seeking to collect intelligence on American citizens. This revelation has raised alarm in the security community.

Wiretap systems, required by a 30-year-old U.S. federal law, allow a small number of authorized employees access to sensitive customer data, including internet activity and browsing history. These systems, now compromised, highlight long-standing concerns about their vulnerability.

Security experts had long warned about the risks of legal backdoors in telecom systems. Many saw this breach as an inevitable outcome of such vulnerabilities being exploited by malicious actors. Georgetown Law professor Matt Blaze remarked that this scenario was “absolutely inevitable.”

According to the Wall Street Journal, the hacking group, Salt Typhoon, accessed systems used by major U.S. internet providers like AT&T, Lumen, and Verizon. The group reportedly collected large amounts of internet traffic, and a U.S. government investigation is now underway.

The hackers' goals remain unclear, but experts believe the breach could be part of a larger Chinese effort to prepare for potential cyberattacks in the event of conflict, possibly over Taiwan. The intrusion reinforces the dangers of security backdoors.

Riana Pfefferkorn, a Stanford academic, pointed out that this hack exposes the risks of U.S. wiretap systems, arguing that these measures jeopardize citizens’ privacy rather than protecting them. She advocates for increased encryption as a solution to these vulnerabilities.

The compromised wiretap systems are part of the Communications Assistance for Law Enforcement Act (CALEA), a law enacted in 1994 to help the government access telecom data through lawful orders. However, this system has become a target for hackers and malicious actors.

After 9/11, U.S. surveillance laws expanded wiretapping to collect intelligence, sparking an entire industry dedicated to facilitating these operations. Yet, the extent of government access to private data was only exposed in 2013 by whistleblower Edward Snowden.

Post-Snowden, tech giants like Apple and Google began encrypting customer data to prevent unauthorized access, even from government agencies. However, telecom companies have been slower to follow suit, leaving much U.S. phone and internet traffic vulnerable to wiretapping.

Governments worldwide continue to push for legal backdoors into encrypted systems. In the EU, for example, proposed laws aim to scan private messages for illegal content, raising security concerns among experts.

Signal, the encrypted messaging app, warned of the dangers of backdoors, pointing to the Chinese hacking incident as an example of why such measures pose severe cybersecurity risks. Meredith Whittaker, Signal’s president, stressed that backdoors cannot be restricted to just "the good guys."

Blaze called the CALEA law a cautionary tale, emphasizing the dangers of building security systems with inherent vulnerabilities.

Encryption Battle: FBI's Year-Long Struggle with Mayor's Cellphone



 

Privacy

Cell Phone Digital Privacy Encryption FBI Privacy

Encryption Battle: FBI's Year-Long Struggle with Mayor's Cellphone

Recently, there's been some buzz around New York City Mayor Eric Adams and his cellphone. Federal investigators seized his phone almost a year ago during a corruption investigation, but they can't unlock it. Adams says he forgot his phone password, making it a big problem for the investigators.

About the Encryption Battle

Prosecutors in the case against Mayor Adams, which involves alleged illegal payments from the Turkish government, disclosed that the FBI has been unable to unlock Adams' personal phone, even after nearly a year since it was confiscated.

This phone is one of three devices taken from Adams, but his personal phone was seized a day later than the other two official devices. By then, Adams had changed the phone's passcode from a four-digit PIN to a six-digit code—a step he says was to prevent staffers from accidentally or intentionally deleting information. He also claims to have immediately forgotten the new code.

Our phones hold a lot of personal information—text messages, call logs, emails, and more. This makes them valuable for investigations but also raises privacy concerns. The case of Adams' phone highlights a bigger issue: the tension between privacy and security.

On one side, law enforcement needs access to information for their investigations. On the other side, everyone has a right to privacy and the security of their personal data. This balance is tricky and often leads to debates.

For the feds, not being able to access Adams' phone is a setback. Digital evidence can be crucial in cases, and a locked smartphone is a big challenge. This isn't the first time authorities have faced this problem. There have been many cases where they struggled to unlock phones, sparking debates about their power to compel individuals to reveal passwords.

Privacy Concerns

From a privacy viewpoint, Adams' case is a win. It shows how strong modern encryption is in protecting personal data. Even if someone is a public figure under investigation, the technology protects their data from unauthorized access. This is reassuring for anyone concerned about the privacy and security of their own devices.

But there's also an ethical side. If Adams genuinely forgot his password, it shows human vulnerability. Forgetting passwords is common, and it reminds us how much we rely on technology. But if the forgotten password is an excuse, it raises questions about the moral obligations of those in power.

The seriousness of the case

This case also highlights the importance of understanding and managing our digital lives. As our phones become extensions of ourselves, knowing how to secure them, remember passwords, and understand the legal implications is crucial.

Mayor Eric Adams' locked phone case is a picture of the larger digital privacy debate. It shows the power of encryption and the ongoing struggle between privacy and security.

Meta Fined €91 Million by EU Privacy Regulator for Improper Password Storage



 

Privacy

Cyber Security DPC Encryption Fine GDPR Meta Passwords Plaintext Privacy

Meta Fined €91 Million by EU Privacy Regulator for Improper Password Storage

On Friday, Meta was fined €91 million ($101.5 million) by the European Union's primary privacy regulator for accidentally storing some user passwords without proper encryption or protection.

The investigation began five years ago when Meta informed Ireland's Data Protection Commission (DPC) that it had mistakenly saved certain passwords in plaintext format. At the time, Meta publicly admitted to the issue, and the DPC confirmed that no external parties had access to the passwords.

"It is a widely accepted practice that passwords should not be stored in plaintext due to the potential risk of misuse by unauthorized individuals," stated Graham Doyle, Deputy Commissioner of the Irish DPC.

A Meta spokesperson mentioned that the company took swift action to resolve the error after it was detected during a 2019 security audit. Additionally, there is no evidence suggesting the passwords were misused or accessed inappropriately.

Throughout the investigation, Meta cooperated fully with the DPC, the spokesperson added in a statement on Friday.

Given that many major U.S. tech firms base their European operations in Ireland, the DPC serves as the leading privacy regulator in the EU. To date, Meta has been fined a total of €2.5 billion for violations under the General Data Protection Regulation (GDPR), which was introduced in 2018. This includes a record €1.2 billion penalty issued in 2023, which Meta is currently appealing.

Reading Encrypted WhatsApp Messages Through Digital Forensics



 

Whatsapp Messages

Cyber Attacks CyberCrime Cybersecurity CyberThreat Digital Forensics Encryption Whatsapp Messages

Reading Encrypted WhatsApp Messages Through Digital Forensics

In recent years, WhatsApp has become one of the most popular messaging apps in the world. End-to-end encryption is the process by which the service uses robust security for the protection of its users' communications. The fact that messages are encrypted makes it very easy to ensure that they will remain private until they reach their intended destination from the moment they leave the smartphone of the sender.

The end-to-end encryption method works like this: it scrambles the content of communications into an unreadable form that cannot be decrypted. Before the message leaves the sender's device, the message will be transformed into a complex code, thus protecting the sensitive data inside. It is critical to note that the key to this system is only possessed by the intended recipient's device and therefore only he or she would be able to unlock and decrypt messages that come in this format.

Encryption with this digital key is considered to be particularly useful in combating the phenomenon of man-in-the-middle (MiTM) attacks. The man-in-the-middle attack refers to an action where a malicious actor intercepts a communication between two parties, possibly by listening in or even altering the content of the communication. The letter appears as though somebody reads it secretly before it reaches the recipient and there is something about it that is suspicious.

With WhatsApp's encryption, it makes sure that even if a man-in-the-middle attacker intercepts the data, they will not be able to decipher the contents of the data, since they do not have access to the right key to decrypt it. Even though this encryption is designed to protect members of WhatsApp against man-in-the-middle attacks and interception during transmission, it doesn't mean that WhatsApp messages will be immune to cell phone forensics technology used by digital forensic experts who are trained in digital forensics analysis.

A WhatsApp message is stored on the smartphone where it is retrieved at any time The recipient must be able to decrypt the message he receives once the message reaches his or her device. During this process of decryption, which occurs automatically on the device, cell phone forensics professionals have the opportunity to examine the messages on the device.

A WhatsApp message is stored in WhatsApp's local database when it arrives on the device of the recipient when it's encrypted. It is recommended that you encrypt this database, but the key for encryption is kept on the device itself. It is possible to decrypt the messages sent by WhatsApp using the encryption key that is stored by WhatsApp on a smartphone when it is opened in real-time by the customer to read their messages.

A screen will then appear on the device displaying the content that has been decrypted. A smartphone forensics technology was developed to exploit this process, assuming access was possible to the phone, the device itself. By accessing the cell phone forensically, it is possible to extract the WhatsApp database directly from the mobile phone and then decrypt it with forensic tools.

There is a sense that the digital forensic examiner has access to the communications, just as he or she would have access to them if they were on WhatsApp. Cell phone forensics technology can decipher encrypted communication on a smartphone and recover deleted messages from other messaging applications like WhatsApp and many others, depending on the phone's make, model and operating system.

Even though the lock on the smartphone protects WhatsApp communication, there are many government agencies and a few private digital forensics experts that have access to technology that can crack or bypass smartphone passcodes, which can be used to intercept WhatsApp communication.

The Expanding PKfail Vulnerability in Secure Boot and Its Alarming Impact



 

software vulnerabilities

ATM Cyber Security Cybersecurity measures cybersecurity vulnerability Encryption Software Updates software vulnerabilities

The Expanding PKfail Vulnerability in Secure Boot and Its Alarming Impact

The PKfail vulnerability in Secure Boot has grown into a far-reaching security threat, affecting thousands of devices across multiple sectors. Originally believed to be a limited issue, it arises from manufacturers releasing hardware with known compromised software, allowing unauthorized software to bypass Secure Boot encryption. Even after the initial leak of the Secure Boot encryption code in 2022, manufacturers continued to distribute devices with compromised security, and some even included warnings like “DO NOT TRUST” in the firmware.

The original discovery indicated that devices from top manufacturers such as Dell, Acer, and Intel were compromised. However, recent investigations have expanded the list to include other major brands like Fujitsu, Supermicro, and niche producers like Beelink and Minisforum. Alarmingly, the list of impacted devices has grown to nearly four times its original size, now encompassing around a thousand models of laptops, desktops, and other x86-based hardware. What’s more concerning is that the PKfail vulnerability isn’t limited to standard consumer devices. It extends to enterprise servers, point-of-sale systems, gaming consoles, ATMs, and even medical and voting machines.

These revelations indicate that the Secure Boot vulnerability has a much wider reach, exposing critical infrastructure to potential attacks. According to Binarly’s detection tool, this breach affects numerous industries, making it a significant cybersecurity risk. The challenge of exploiting Secure Boot remotely is substantial, often requiring advanced skills and resources, making it a tool primarily used by hackers targeting high-profile individuals or organizations. It’s particularly relevant for high-net-worth individuals, government agencies, and large corporations that are more likely to be the targets of such sophisticated attacks.

State-sponsored hackers, in particular, could leverage this vulnerability to gain unauthorized access to confidential data or to disrupt critical operations. Addressing the PKfail vulnerability requires immediate action, both from manufacturers and end-users. Device manufacturers must issue firmware updates and improve their security practices to ensure their hardware is protected against such threats. Meanwhile, organizations and individual users should regularly check for software updates, apply patches, and implement stringent cybersecurity measures to minimize the risk of exploitation.

The PKfail incident underscores the critical importance of cybersecurity vigilance and reinforces the need for robust protection measures. As cyber threats continue to evolve, organizations and individuals alike must stay informed and prepared to defend against vulnerabilities like PKfail.

Police Shield Communications from Public Scrutiny with Encryption



 

Public Communication Freedom

Broadcasting Cyber Security Cyberattacks CyberCrime Cyberhackers Cyberthreats Encryption Police Shield Public Communication Freedom

Police Shield Communications from Public Scrutiny with Encryption

A police radio transmission went silent in Aurora, Colorado, in 2016, and then in Denver, Colorado, in 2019. Many journalists are used to using newsroom scanners to monitor police radio communications to identify any newsworthy events as soon as they happen. Still, suddenly they were cut off from critical updates about events that threatened public safety and interfered with their ability to produce timely and accurate reports.

There were three years of failed legislation before the Colorado legislature agreed in 2021 to enact statutory language that addressed a trend among Colorado's law enforcement agencies to fully encrypt their radio communications following three years of failed legislation. It has been reported by the Colorado Freedom of Information Coalition that by May 2021, a considerable number of law enforcement agencies across the state have encrypted their radio transmissions, and this will lead to increased security.

According to the Colorado Criminal Justice Records Act, journalists have a right to request police radio transmissions, but they may have their records withheld or redacted for legal reasons. The provisions that were incorporated into the law on police accountability required agencies to set up a “communications access policy” for local news media outlets that would enable them to listen to primary dispatch channels on commercially available radio receivers, scanners, or other technologies that would be feasible.

Despite the passing of House Bill 21-1250 in 2017, journalists still cannot listen to Denver and Aurora police radio transmissions like they used to do before both agencies blocked public access to their broadcasts - Denver in 2019, and Aurora three years earlier. Even though both departments have outlined their radio access policies in writing, neither department has been able to agree with any news organizations in the Denver metro area.

In the same manner as law enforcement, broadcasters play an important role in protecting the public because they can quickly communicate vital information to a large audience. A spokesperson for the Colorado Broadcasters Association, Justin Sasso, told the Colorado Times in an interview that broadcasters have used law enforcement radio communication systems for years efficiently. According to advocates of press freedom, this explosion of encryption can be attributed to the increased scrutiny and demand for police accountability sparked by the Black Lives Matter (BLM) movement of 2020, which led to the publication of the first report on cryptography in 2021.

The BLM protests in 2020 laid the groundwork for the implementation of encryption protocols for routine police communications throughout the country, following the Citizen Scanner Monitoring Project, which allowed citizens to document racist remarks made by law enforcement over radio frequencies. According to police communications, the intent throughout the entire BLM uprising in 2020 was to be as violent as possible throughout the protests.

There is a desire on the part of the company to hide these communications now so that future lawsuits will not occur. "There is no other justification for what is happening," Williams stated emphatically. It has been reported that law enforcement agencies around the nation are increasingly moving toward encrypted radio transmissions in a bid to protect the privacy of their officers and the public.

A bill has been introduced in the Colorado state legislature to ensure public access to information by upholding the third amendment. As part of Colorado’s HB 21-1250 law, which was passed in 2021, governmental entities that use radio encryption must draft journalist access policies with the assistance of media outlets in Colorado. Even so, no Colorado law enforcement agency has yet to draft a “communications access policy” that complies with Colorado’s law due to the lack of enforcement measures.

Colorado Freedom of Information Coalition learned in May that, while Art Acevedo was serving as interim chief of the Aurora Police Department, the Aurora Police Department was considering restoring a public feed of radio broadcasts via the Broadcastify mobile app with a 10-minute delay - as long as the app ran on a smartphone. He said that Broadcastify does not currently provide a way to protect sensitive information about witnesses and victims that are being transmitted over radio platforms to the general public, such as names and addresses.

In 2023, legislation was enacted mandating the deletion of all names and identifying information of juvenile victims and witnesses from police and court records. This legislative change significantly altered the landscape of law enforcement transparency. One of the most notable changes introduced by the bill is the acceleration of the effective date for the release of body-worn and dashboard camera footage requirements, which was initially set for July 1, 2023.

According to the new provisions, the footage-release requirement will take effect upon the governor's signature. The legislation stipulates that unedited video and audio recordings of incidents involving complaints of peace officer misconduct must be released within 21 days after a request for the recordings. Alternatively, if the release of the footage would substantially interfere with or jeopardize an active or ongoing investigation, the release could be delayed up to 45 days from the date of the allegation of misconduct.

Until these body-camera provisions become effective, law enforcement agencies retain the discretion provided by the Colorado Criminal Justice Records Act to delay the release of footage or to disclose only certain portions of the recordings. House Bill 21-1250 also includes a provision that prohibits law enforcement departments from retaliating against whistleblowing officers. These protections apply to officers who disclose information about dangers to public health or safety or violations of law or policy committed by another officer.

The bill passed the House with a 39-24 vote on Wednesday and is now proceeding to the Senate. Free press advocates argue that increased police transparency is essential. However, the auditor’s clause present in Denver’s decryption license and media access policy effectively prevents the press from signing the media access agreement, conflicting with the intent of HB 21-1250. As free press advocates consider returning to the Colorado legislature to strengthen the bill, abolitionists maintain that while transparency is necessary, it alone is insufficient to eliminate police violence.

Search This Blog

Sections

Popular Posts

Blog Archive

Labels

About Me

Showing result(s) for

Popular Posts

Pages

Menu Item

Law demanding companies to provide encrypted data

Criminals will exploit backdoors

Use of spyware may be allowed

Quantum Computing's Impact on Cryptography

Satoshi Nakamoto’s Early Solutions

Proactive Measures for Long-Term Security

What is Quantum Computing?

Key Achievements of Willow

Applications and Risks of Quantum Computing

Global Efforts in Quantum Computing

A Step Towards the Future

About the Encryption Battle

Privacy Concerns

The seriousness of the case