Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 123

This ‘Tamper-Evident Container’ Snitches on Meddlers and Thieves

The 3D-printed containers keep a log of all break-in attempts, meaning your snail mail just got way safer.

Suppose you want to mail a court document to someone across the country—you don’t want anyone to see the secure information inside, of course. So, you seal it into a container that has special sensors built into its walls, and electronics that monitor the shield of sensors. Now, the container is armed and monitoring.

On the way to its intended recipient, let’s say the container is hacked. When the intended recipient later opens the container, they pull out the court document, along with an SD card (just like the ones you might use to store digital photos). They plug the card into a computer and look at the file. They see an encrypted historical record of the container’s experiences, from the time you put that document into the container and sealed it, up until the time they opened it. In the list of messages is a notification about a tampering attack, along with the date and time of the incident. The message also specifies the type of breach detected, such as the container being opened or cut.

A team at Los Alamos National Laboratory in New Mexico hopes this ability to see recorded, real-time security information about sensitive physical materials will become an everyday tool. Using a 3D printer, engineers built a prototype “Tamper-Evident Container” (TEC) that looks like a cylindrical box on the outside, but inside holds a complex network of sensors and electronics that record potential break-ins.

Quasiparticles used to generate millions of truly random numbers a second

This could lead to a truly random number generator making things much more secure.

Random numbers are crucial for computing, but our current algorithms aren’t truly random. Researchers at Brown University have now found a way to tap into the fluctuations of quasiparticles to generate millions of truly random numbers per second.

Random number generators are key parts of computer software, but technically they don’t quite live up to their name. Algorithms that generate these numbers are still deterministic, meaning that anyone with enough information about how it works could potentially find patterns and predict the numbers produced. These pseudo-random numbers suffice for low stakes uses like gaming, but for scientific simulations or cybersecurity, truly random numbers are important.

In recent years scientists have turned to the strange world of quantum physics for true randomization, using photons to generate strings of random ones and zeroes or tapping into the quantum vibrations of diamond. And for the new study, the Brown scientists tried something similar.

Researchers break world record for quantum-encrypted communications

Researchers in Beijing have set a new quantum secure direct communication (QSDC) world record of 102.2 km (64 miles), smashing the previous mark of 18 km (11 miles), The Eurasian Times reported. Transmission speeds were extremely slow at 0.54 bits per second, but still good enough for text message and phone call encryption over a distance of 30 km (19 miles), wrote research lead Long Guilu in Nature. The work could eventually lead to hack-proof communication, as any eavesdropping attempt on a quantum line can be instantly detected.

QSDC uses the principal of entanglement to secure networks. Quantum physics dictates that entangled particles are linked, so that if you change the property of one by measuring it, the other will instantly change, too — effectively making hacking impossible. In theory, the particles stay linked even if they’re light-years apart, so such systems should work over great distances.

The same research team set the previous fiber record, and devised a “novel design of physical system with a new protocol” to achieve the longer distance. They simplified it by eliminating the “complicated active compensation subsystem” used in the previous model. “This enables an ultra-low quantum bit error rate (QBER) and the long-term stability against environmental noises.”

FBI warning: These hackers are targeting developers and DevOps teams to break into crypto firms

The US government has detailed how North Korean state-sponsored attackers have been hacking cryptocurrency firms using phishing, malware and exploits to steal funds and initiate fraudulent blockchain transactions.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department (Treasury) have issued a joint cybersecurity advisory to warn all businesses in cryptocurrency to watch out for attacks from North Korean state-sponsored hackers.

A model that can help inexperienced users identify phishing emails

Phishing attacks are cyber-attacks through which criminals trick users into sending them money and sensitive information, or into installing malware on their computer, by sending them deceptive emails or messages. As these attacks have become increasingly widespread, developers have been trying to develop more advanced tools to detect them and protect potential victims.

Researchers at Monash University and CSIRO’s Data61 in Australia have recently developed a machine learning-based approach that could help users to identify phishing emails, so that they don’t inadvertently install or send sensitive data to cyber-criminals. This model was introduced in a paper pre-published on arXiv and set to be presented at AsiaCCS 2022, a cyber-security conference.

“We have identified a gap in current phishing research, namely realizing that existing literature focuses on rigorous ‘black and white’ methods to classify whether something is a phishing email or not,” Tingmin (Tina) Wu, one of the researchers who carried out the study, told TechXplore.