Toggle light / dark theme

“Because nothing can protect hardware, software, applications or data from a quantum-enabled adversary, encryption keys and data will require re-encrypting with a quantum-resistant algorithm and deleting or physically securing copies and backups.” v/@preskil… See More.


To ease the disruption caused by moving away from quantum-vulnerable cryptographic code, NIST has released a draft document describing the first steps of that journey.

“We’re excited to share that AWS has acquired Wickr, an innovative company that has developed the industry’s most secure, end-to-end encrypted, communication technology,” Stephen Schmidt, Amazon Web Services’ vice president, wrote. With a nod to the company’s ever-deepening relationships with the military, and Washington in general, Schmidt added that Wickr’s features give “security conscious enterprises and government agencies the ability to implement important governance and security controls to help them meet their compliance requirements.” Schmidt himself has a background in this space: his LinkedIn profile notes he spent a decade at the FBI.

Wickr’s app — like secure messaging competitor Signal — has been popular with journalists and whistleblowers; it’s also been a go-to for criminals, Motherboard notes. It’s unclear if the proximity to the tech monolith will impact the app’s popularity for free users.

In Amazon’s case, Schmidt indicates the acquisition was at least partially influenced by the need to preserve information security while working remotely. “With the move to hybrid work environments, due in part to the COVID-19 pandemic, enterprises and government agencies have a growing desire to protect their communications,” he wrote.

Cyber criminals are increasingly using virtual machines to compromise networks with ransomware.

By using virtual machines as part of the process, ransomware attackers are able to conduct their activity with additional subtlety, because running the payload within a virtual environment reduces the chances of the activity being discovered – until it’s too late and the ransomware has encrypted files on the host machine.

During a recent investigation into an attempted ransomware attack, cybersecurity researchers at Symantec found the ransomware operations had been using VirtualBox – a legitimate form of open-source virtual machine software – to run instances of Windows 7 to aid the installation of ransomware.

Researchers from University of Copenhagen have developed a new technique that keeps quantum bits of light stable at room temperature instead of only working at-270 degrees. Their discovery saves power and money and is a breakthrough in quantum research.

As almost all our private information is digitalized, it is increasingly important that we find ways to protect our data and ourselves from being hacked.

Quantum Cryptography is the researchers’ answer to this problem, and more specifically a certain kind of qubit — consisting of single photons: particles of light.

TAMPA, Fla. — Seraphim Capital plans to trade stakes it has amassed in space technology startups on the public market through an investment trust.

The Seraphim Space Investment Trust will eventually comprise bets in 19 international startups, including satellite data specialist Spire Global, quantum encryption firm Arqit and space-based cellular network operator AST Space Mobile.

Those three recently got valuations of more than $1 billion in mergers with special purpose acquisition companies (SPACs), investment vehicles that offer another route to public markets.

Quantum computing began in the early 1980s. It operates on principles of quantum physics rather than the limitations of circuits and electricity which is why it is capable of processing highly complex mathematical problems so efficiently. Quantum computing could one day achieve things that classical computing simply cannot. The evolution of quantum computers has been slow, but things are accelerating, thanks to the efforts of academic institutions such as Oxford, MIT, and the University of Waterloo, as well as companies like IBM, Microsoft, Google, and Honeywell.

IBM has held a leadership role in this innovation push and has named optimization as the most likely application for consumers and organizations alike.

Honeywell expects to release what it calls the “world’s most powerful quantum computer” for applications like fraud detection, optimization for trading strategies, security, machine learning, and chemistry and materials science.

Typically abbreviated as TLS, Transport Layer Security uses strong encryption to prove that an end user is connected to an authentic server belonging to a specific service (such as Google or Bank of America) and not an impostor masquerading as that service. TLS also encrypts data as it travels between an end user and a server to ensure that people who can monitor the connection can’t read or tamper with the contents. With millions of servers relying on it, TLS is a cornerstone of online security.

In a research paper published on Wednesday, Brinkmann and seven other researchers investigated the feasibility of using what they call cross-protocol attacks to bypass TLS protections. The technique involves an MitM attacker redirecting cross-origin HTTP requests to servers that communicate over SMTP, IMAP, POP3, or FTP, or another communication protocol.

The main components of the attack are the client application used by the targeted end user, denoted as C; the server the target intended to visit, denoted as Sint; and the substitute server, a machine that connects using SMTP, FTP, or another protocol that’s different from the one serverint uses but with the same domain listed in its TLS certificate.

REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests.

Threat actors have deployed new ransomware on the back of a set of PowerShell scripts developed for making encryption, exploiting flaws in unpatched Exchange Servers to attack the corporate network, according to recent research.

Researchers from security firm Sophos detected the new ransomware, called Epsilon Red, in an investigation of an attack on a U.S.-based company in the hospitality sector, Sophos Principal Researcher Andrew Brandt wrote in a report published online.