Lucene search
K

125 matches found

Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.4 views

Malleability-Resistant Encrypted Control System with Disturbance Compensation and Real-Time Attack Detection

This study proposes an encrypted PID control system with a disturbance observer DOB using a keyed-homomorphic encryption KHE scheme, aiming to achieve control performance while providing resistance to malleability-based attacks. The controller integrates a DOB with a PID structure to compensate f...

6.9AI score
Exploits0
Filippo.io
Filippo.io
added 2025/07/14 3:17 p.m.9 views

Encrypting Files with Passkeys and age

Typage age-encryption on npm is a TypeScript1 implementation of the age file encryption format. It runs with Node.js, Deno, Bun, and browsers, and implements native age recipients, passphrase encryption, ASCII armoring, and supports custom recipient interfaces, like the Go implementation. However...

6.8AI score
Exploits0
CISA
CISA
added 2025/06/30 12:0 p.m.3 views

CISA and Partners Urge Critical Infrastructure to Stay Vigilant in the Current Geopolitical Environment

Today, CISA, in collaboration with the Federal Bureau of Investigation FBI, the Department of Defense Cyber Crime Center DC3, and the National Security Agency NSA, released a Fact Sheet urging organizations to remain vigilant against potential targeted cyber operations by Iranian state-sponsored ...

7.7AI score
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/05/07 12:0 a.m.3 views

Preparing for the Post Quantum Era: Quantum Ready Architecture for Security and Risk Management (QUASAR) -- a Strategic Framework for Cybersecurity

As quantum computing progresses, traditional cryptographic systems face the threat of obsolescence due to the capabilities of quantum algorithms. This paper introduces the Quantum-Ready Architecture for Security and Risk Management QUASAR, a novel framework designed to help organizations prepare...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/03 12:0 a.m.5 views

PQS-BFL: a Post-Quantum Secure Blockchain-Based Federated Learning Framework

Federated Learning FL enables collaborative model training while preserving data privacy, but its classical cryptographic underpinnings are vulnerable to quantum attacks. This vulnerability is particularly critical in sensitive domains like healthcare. This paper introduces PQS-BFL Post-Quantum...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/30 11:26 a.m.13 views

[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats

How Many Gaps Are Hiding in Your Identity System? It's not just about logins anymore. Today's attackers don't need to "hack" in—they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip through unnoticed...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/22 7:38 a.m.32 views

Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach

Microsoft on Monday announced that it has moved the Microsoft Account MSA signing service to Azure confidential virtual machines VMs and that it's also in the process of migrating the Entra ID signing service as well. The disclosure comes about seven months after the tech giant said it completed...

7.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/03/21 11:47 a.m.11 views

NCSC Releases Post-Quantum Cryptography Timeline

The UK's National Computer Security Center part of GCHQ released a timeline--also see their blog post--for migration to quantum-computer-resistant cryptography. It even made The Guardian...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/12/09 6:49 a.m.12 views

Making sure your door access control system is secure: Top 5 things to check

Your door access control system aka a physical access control system or PACS, also referred to as RFID cards or ‘swipe’ cards often have a poor reputation for being vulnerable to cloning attacks. Here’s the thing: it’s generally possible to configure your system to be very resistant to card...

7.3AI score
Exploits0
CISA
CISA
added 2024/11/20 12:0 p.m.7 views

USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multifactor Authentication

Today, the Cybersecurity and Infrastructure Security Agency CISA and the U.S. Department of Agriculture USDA released Phishing-Resistant Multifactor Authentication MFA Success Story: USDA’s FIDO Implementation. This report details how USDA successfully implemented phishing-resistant authenticatio...

7.2AI score
Exploits0References3
CISA
CISA
added 2024/10/31 12:0 p.m.16 views

Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments

CISA has received multiple reports of a large-scale spearphishing campaign targeting organizations in several sectors, including government and information technology IT. The foreign threat actor, often posing as a trusted entity, is sending spearphishing emails containing malicious remote deskto...

7.7AI score
Exploits0References5
The Hacker News
The Hacker News
added 2024/10/24 11:0 a.m.25 views

Why Phishing-Resistant MFA Is No Longer Optional: The Hidden Risks of Legacy MFA

Sometimes, it turns out that the answers we struggled so hard to find were sitting right in front of us for so long that we somehow overlooked them. When the Department of Homeland Security, through the Cybersecurity and Infrastructure Security Agency CISA, in coordination with the FBI, issues a...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/18 11:0 a.m.45 views

U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign

Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks. "Since October 2023, Iranian actors have used brute force and passwor...

10CVSS7.2AI score0.99512EPSS
Exploits75
CISA
CISA
added 2024/10/08 12:0 p.m.7 views

CISA and FBI Release Fact Sheet on Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations

Today, CISA and the Federal Bureau of Investigation FBI released joint fact sheet, How to Protect Against Iranian Targeting of Accounts Associated with National Political Organizations. This fact sheet provides information about threat actors affiliated with the Iranian Government’s Islamic...

7AI score
Exploits0References4
ICS
ICS
added 2024/08/29 12:0 p.m.58 views

#StopRansomware: RansomHub Ransomware

Actions to take today to mitigate cyber threats from ransomware: 1. Install updates for operating systems, software, and firmware as soon as they are released. 2. Require phishing-resistant MFA i.e., non-SMS text based for as many services as possible. 3. Train users to recognize and report...

10CVSS8.3AI score0.99654EPSS
Exploits253References114
The Hacker News
The Hacker News
added 2024/08/08 3:31 p.m.28 views

University Professors Targeted by North Korean Cyber Espionage Group

The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes. Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operation...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/10 10:6 a.m.19 views

Google Adds Passkeys to Advanced Protection Program for High-Risk Users

Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program APP. "Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said...

6.7AI score
Exploits0
Amazon
Amazon
added 2024/06/12 12:0 a.m.22 views

Medium: opensc

Issue Overview: A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. CVE-2023-5992 Affected Packages: opensc Note: This advisory is applicable to Amazon Linux 2 AL2 Cor...

5.9CVSS5.9AI score0.01156EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/05/30 6:52 a.m.12 views

Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud

Okta is warning that a cross-origin authentication feature in Customer Identity Cloud CIC is susceptible to credential stuffing attacks orchestrated by threat actors. "We observed that the endpoints used to support the cross-origin authentication feature being attacked via credential stuffing for...

7.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2024/05/28 11:9 a.m.34 views

Lattice-Based Cryptosystems and Quantum Cryptanalysis

Quantum computers are probably coming, though we dont know when--and when they arrive, they will, most likely, be able to break our standard public-key cryptography algorithms. In anticipation of this possibility, cryptographers have been working on quantum-resistant public-key algorithms. The...

7.2AI score
Exploits0
Rows per page
Query Builder