AES Encryption Cracked

CRYPTOGRAPHY RESEARCHERS have identified a weakness in the Advanced Encryption Standard (AES) security algorithm that can crack secret keys faster than before.

The crack is the work of a trio of researchers at universities and Microsoft, and involved a lot of cryptanalysis – which is somewhat reassuring – and still does not present much of a real security threat.

Andrey Bogdanov, from K.U.Leuven (Katholieke Universiteit Leuven), Dmitry Khovratovich, who is full time at Microsoft Research, and Christian Rechberger at ENS Paris were the researchers.

Although there have been other attacks on the key based AES security system none have really come close, according to the researchers. But this new attack does and can be used against all versions of AES.

This is not to say that anyone is in immediate danger and, according to Bogdanov, although it is four times easier to carry out it is still something of an involved procedure.

Recovering a key is no five minute job and despite being four times easier than other methods the number of steps required to crack AES-128 is an 8 followed by 37 zeroes.

“To put this into perspective: on a trillion machines, that each could test a billion keys per second, it would take more than two billion years to recover an AES-128 key,” the Leuven University researcher added. “Because of these huge complexities, the attack has no practical implications on the security of user data.” Andrey Bogdanov told The INQUIRER that a “practical” AES crack is still far off but added that the work uncovered more about the standard than was known before.

“Indeed, we are even not close to a practical break of AES at the moment. However, our results do shed some light into the internal structure of AES and indicate where some limits of the AES design are,” he said.

He added that the advance is still significant, and is a notable progression over other work in the area.

“The result is the first theoretical break of the Advanced Encryption Standard – the de facto worldwide encryption standard,” he explained. “Cryptologists have been working hard on this challenge but with only limited progress so far: 7 out of 10 for AES-128 as well as 8 out of 12 for AES-192 and 8 out of 14 rounds for AES-256 were previously attacked. So our attack is the first result on the full AES algorithm.”

Read More…

Accused Hacker Out On Bail In England

The accused ‘Topiary’, whose name is Jake Davis, was charged on Sunday and bailed by the courts yesterday. He was charged with five offences: Unauthorised access to a computer system, Encouraging or assisting offences, Conspiracy with others to carry out a Distributed Denial of Service Attack on the website of the Serious and Organised Crime Agency, Conspiracy to commit offences of Section 3 Computer Misuse Act 1990, and Conspiracy with others to commit offences of Section 3 Computer Misuse Act 1990 contrary to Section 1 of the Criminal Law Act 1977.

According to a report at the Guardian, his bail conditions are that Davis must wear an electronic tag, not access the internet, and not leave his house between 10pm and 7am.

Davis, who appeared outside court wearing sunglasses and holding a copy of “Free Radicals: The Secret Anarchy of Science” by Micheal Brooks and who allegedly authored the Rupert Murdoch is dead story that appeared on the hacked web site of the Sun newspaper, has already gained support on the internet in general and especially on Twitter.

Read More…

EMC’s Data Breach Cost $66 Million

Between April and June 2011, EMC spent $66 million handling the fallout from a March cyber attack against its systems, which resulted in the compromise of information relating to the SecurID two-factor authentication sold by EMC’s security division, RSA.

That clean-up figure was disclosed last week during an EMC earnings call, by David Goulden, the company’s chief financial officer. It doesn’t include post-breach expenses from the first quarter, when EMC began investigating the attack, hardening its systems, and working with customers to prevent their being exploited as a result of the attacks.

In spite of the breach, EMC reported strong second-quarter financial results, earning consolidated revenue of $4.85 billion, which is an increase of 20% compared with the same period one year ago. Meanwhile, second-quarter GAAP net income increased by 28% from the same period last year, to reach $546 million. The company saw large growth in its information infrastructure and virtual infrastructure products and services, including quarterly revenue increases of 19% for its information storage group.

Those results led executives to increase their financial outlook for 2011 and predict consolidated revenue in excess of $19.8 billion, which would be a 16% increase from EMC’s 2010 revenues of $17 billion.

Read More….

Hackers Creating Networking Website

Anonymous, which has taken credit for several high-profile cyber attacks in recent months, plans to launch what it says will be a new social networking site called AnonPlus.

The group’s move was apparently spurred by Google’s decision to shut down Anonymous’ Google+ account for community standard violations, a report by Mashable says.

For the moment, at least, AnonPlus appears to be little more than a single, somewhat poorly formatted page explaining what the site will be about.

“This lil info dump of a site is here simply to dispence (sic) info, soon the actual site will go up and you can begin to interact with it,” a message on the site notes.

“This project is not overnight and will take many of those out there who simply want a better internet,” the message noted. “We will not be stopped by those looking to troll or those willing to stop the spreading of the truth.”

The message doesn’t mention Google shutting down Anonymous’ Google+ account, but it does promise members that with AnonPlus there would be no fear of “censorship”, “blackout” or “holding back.”

Read More…

“TDL-4″ Botnet Is Practically Indestructible

A new and improved botnet that has infected more than four million computers is “practically indestructible,” software security experts say.

“TDL-4,” the name for both the bot Trojan that infects PCs and the ensuing collection of compromised computers, is “the most sophisticated threat today,” said Kaspersky Labs researcher Sergey Golovanov in a detailed analysis Monday.

“[TDL-4] is practically indestructible,” Golovanov said and others agree.

“I wouldn’t say it’s perfectly indestructible, but it is pretty much indestructible,” said Joe Stewart, director of malware research at Dell SecureWorks and an internationally-known botnet expert, in an interview today. “It does a very good job of maintaining itself.”

Golovanov and Stewart based their assessments on a variety of TDL-4′s traits, all which make it an extremely tough character to detect, delete, suppress or eradicate.

Because TDL-4 installs its rootkit on the Master Boot Record (MBR), it is invisible to both the operating system and more, importantly, security software designed to sniff out malicious code.

Further,what makes the botnet indestructible is the combination of its advanced encryption and the use of a public peer-to-peer (P2P) network for the instructions issued to the malware by command-and-control (C&C) servers.

“The way peer-to-peer is used for TDL-4 will make it extremely hard to take down this botnet,” said Roel Schouwenberg, senior malware researcher at Kaspersky, ”The TDL guys are doing their utmost not to become the next gang to lose their botnet.”

Read more….

Apple Website Is Ripe For Hacking

According to the Ethical Hacking group YGN, Apple’s website for developers is virtually wide open and gives the opportunity for hackers to introduce malware such asphishing attacks to gain access to subscriber’s vital personal information.

One group known as Networkworld identified three holes on Apple’s website that arbitrary URL redirects, cross-site scripting and HTTP response splitting. That said, these holes could allow hackers to arbitrarily redirect to other websites and make phishing attacks against developers login credentials more successful.

Read More…..

Citigroup Hackers Pocketed $2.7 million

Citigroup suffered about $2.7 million in losses after cybercriminals uncovered a way to lift credit card numbers from its website and make fraudulent transactions.

Citi acknowledged the breach earlier this month, saying hackers had gained accessed to more than 360,000 Citi credit card accounts of U.S. customers. The hackers didn’t breach Citi’s main credit card processing system, but were reportedly able to obtain the numbers, along with the customers’ names and contact information, by logging into the Citi Account Online website and guessing account numbers.

Until now, it wasn’t revealed if any fraud had occurred as a result of the theft. But Citi confirmed Friday that there were losses of $2.7 million from about 3,400 accounts.

The bank has said its customers will not be liable for the fraudalent transactions and losses as a result of them.

Read More….

More Citigroup Accounts Compromised Than Stated

Citigroup was apparently hit harder by a cyber-attack in May than what was originally reported; which is now 360,000 of its customers. Unfortunately, this number is double the number that Citigroup initially stated.

Citigroup is one of the biggest banks in the US and ranks number 3 overall. The breach occurred on May 10^th and was confirmed by Citigroup on June 8th^th. That said, around 360,080 North American Citigroup credit card accounts were impacted by the breach, Citigroup stated; which is around 1 per cent of their North American card customer’s base.

Read More….

Chinese Government Questioned About Cyber-attack

The U.S. State Department questioned the Chinese government regarding an attack that had temporarily shut down the website Change.org after the site hosted a petition urging Chinese authorities to release artist Ai Weiwei from custody.

U.S. deputy assistant secretary Daniel Baer raised concerns about the attack in April with China’s foreign ministry, according to an official letter sent from the State Department to U.S. Rep. Rosa DeLauro (D-Conn.). Change.org obtained a copy of the letter and released it Tuesday.

The nature of those talks is still somewhat vague. The U.S. Embassy in Beijing said it had no current information on the matter and deferred to the State Department. China’s foreign ministry has yet to respond to a request for comment.

Change.org, an online petitioning platform, was the victim of a distributed denial of service (DDoS) attack originating from China on April 17. The attacks nearly brought down the site for days.

DDoS attacks can do this by using hundreds or thousands of hacked computers to drive traffic to a website. The data will become so overwhelming that the site will become inaccessible to users.

Change.org said the DDoS attacks from China continue to bring down the site intermittently. The FBI is investigating the case, said Benjamin Joffe-Walt, an editor with Change.org.

Read More….

Download Defense Added To Chrome Browser

Google has updated Chrome to version 12, adding a new feature that warns users when they’ve downloaded files from dangerous Web sites.

New to Chrome 12 is a tool that flags questionable files pulled from the Web. Chrome now shows an alert when users download some file types from sites that are on the Safe Browsing API (application programming interface) blacklist, which Google maintains.

The messages reads: “This file is malicious. Are you sure you want to continue?” If they wish, users can ignore the warning and install the file on their system’s hard drive.

“This warning will be displayed for any download URL that matches the latest list of malicious websites published by the Safe Browsing API,” said Google last April when it debuted the feature in an earlier edition of Chrome.

Safe Browsing already identifies suspicious or unsafe sites, then adds them to a blacklist. Chrome, Mozilla’s Firefox and Apple’s Safari all tap into Safe Browsing to warn users of risky sites before they actually visit them.

Read More…

« Previous Page — Next Page »