encryption Archives

FBI releases Lockbit 2.0 ransomware-as-a-service IoCs

Cybersecurity Attacks, Malware / By Frank Crast / February 11, 2022 September 5, 2022 / BlackCat, encryption, ESXi, LockBit, LockBit 2.0, RaaS, Ransomware, ransomware-as-a-service, VMware

The Federal Bureau of Investigation (FBI) has released new Indicators of Compromise (IoC) details on Lockbit ransomware-as-a-service (RaaS).

NSA: New guidance to eliminate obsolete TLS protocols

Authentication, Configuration Management, Cryptography, Cybersecurity Articles, Vulnerabilities & Exploits / By Frank Crast / January 9, 2021 January 11, 2021 / CNSA, DES, DHE, ECDH, ECDH/ECDHE, encryption, IDEA, NIST SP 800-52, NSA, NULL, RC2, RC4, SSL, TDES/3DES, TLS, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3

The National Security Agency (NSA) has issued new guidance to eliminate obsolete Transport Layer Security (TLS) protocol configurations (such as TLS 1.0, TLS 1.1, SSLv2, SSLv3 and weak ciphers).

Kr00k: Wi-Fi encryption vulnerability impacts billion+ devices

Cryptography, Network Security, Vulnerabilities & Exploits / By Frank Crast / February 27, 2020 February 28, 2020 / CVE-2019-15126, encryption, ESET, Kr00k, KRACK, KrØØk, RSA, WiFi, WPA2

Security researchers have discovered a new vulnerability dubbed Kr00k (or “KrØØk”) that impacts devices with Broadcom and Cypress Wi-Fi chips.

NSA: Guidance to mitigate cloud vulnerabilities

Cloud Security, Configuration Management, Cybersecurity Articles, Third-Party Security / By Frank Crast / February 10, 2020 February 15, 2020 / Cloud, CSP, encryption, IAM, Key Management, least privilege, NSA, third party

The National Security Agency (NSA) has released guidelines to help organizations mitigate cloud vulnerabilities. The NSA document includes four classes of vulnerabilities at most risk to threat actors.

WannaCry, Petya and Copycat Ransomware Expose Good History Lessons for Small Business and Enterprise Security

Business Continuity & Resiliency, Cybersecurity Articles, Cybersecurity Attacks, Malware / By Frank Crast / January 14, 2020 February 21, 2020 / Backup, encryption, MS17-010, Petya, Ransomware, WannaCry, Windows 7, Windows Server 2008, Windows XP

On May 12, 2017, the now infamous WannaCry ransomware burst onto the worldwide scene. WannaCry infected over 200,000 systems and 150 countries in just 3 days.

Bluetooth BR/EDR supported devices vulnerable to cyber attacks

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 17, 2019 August 19, 2019 / bluetooth, BR/EDR, encryption, KNOB

Security researchers have identified a security vulnerability related to encryption on Bluetooth BR/EDR connections. As a result, an unauthenticated attacker near the vulnerable device could exploit the issue and escalate privileges or steal information.

encryption

FBI releases Lockbit 2.0 ransomware-as-a-service IoCs

NSA: New guidance to eliminate obsolete TLS protocols

Kr00k: Wi-Fi encryption vulnerability impacts billion+ devices

WannaCry, Petya and Copycat Ransomware Expose Good History Lessons for Small Business and Enterprise Security

Bluetooth BR/EDR supported devices vulnerable to cyber attacks

WordPress 5.2 “Jaco” comes with new security features

NIST SP 800-177 Revision 1: “Trustworthy Email”

Cold boot attack can expose encryption keys, data on laptops

TLS 1.3 protocol is officially standard