Hfinger - Fingerprinting HTTP Requests

Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :- Its main objective is to provide unique representations fingerprints of malware requests, which help in their identification. Unique means here that each fingerprint should be seen...

Friday Squid Blogging: Newly Identified Ichthyosaur Species Probably Ate Squid

This is a deep-diving species that "fed on small prey items such as squid." Academic paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

Libgcrypt Attack Allowed Recovery of RSA-1024 Keys

The cryptographic library Libgcrypt is vulnerable to a local side-channel attack; something researchers warn could allow full key recovery for RSA-1024. The vulnerability CVE-2017-7526 is tied to the fact that Libgcrypt, which is based on code from GnuPG, uses left to right sliding windows...

Curiosity Kills Security When it Comes to Phishing

Regardless of the amount of training and technology applied to phishing prevention, people are going to click on links, trust messages from supposedly known sources and get into trouble online. A recent academic paper collates the results of an experiment conducted with more than 1,200 German...

Microsoft Considers Earlier SHA-1 Deprecation Deadline

Tech companies continue to back away from SHA-1 like it’s an infectious disease. Microsoft, which already had plans to deprecate the crusty cryptographic algorithm by the start of 2017, decided this week to move up that deadline six months. The company said it’s considering whether it will start...

Fewer IPsec VPN Connections at Risk to Weak Diffie-Hellman

A challenge has been made against one of the conclusions in a potentially blockbuster academic paper on cryptographic weaknesses that may be the open door through which intelligence agencies are breaking encrypted connections. The paper, “Imperfect Forward Secrecy: How Diffie-Hellman Fails in...

NSA Exploiting Weak Diffie-Hellman Primes to Break Crypto

The great mystery since the NSA and other intelligence agencies’ cyber-spying capabilities became watercooler fodder has not been the why of their actions, but the how? For example, how are they breaking crypto to decode secure Internet communication? A team of cryptographers and computer...

Paper: NetFlow Data De-Anonymizes Tor Users

Tor Project leaders are trying to rein in concerns about an academic paper describing an end-to-end traffic correlation attack that could be used by a well-funded attacker such as a nation state to de-anonymize traffic on Tor. Executive director Roger Dingledine points out that the researchers...

Questions Arise About Bitcoin Security Paper

In the wake of the publication of a new academic paper that says there is a fundamental flaw in the Bitcoin protocol that could allow a small cartel of participants to become powerful enough that it could take over the mining process and gather a disproportionate amount of the value in the system...