Category Archives: Encryption
Instagram makes encrypted direct messaging available in Ukraine and Russia – TechCrunch
As part of a series of actions Meta (previously Facebook) is taking in response to the conflict in Ukraine, which have included restricting state media and increased efforts around fact-checking, the company also announced its making encrypted one-to-one chats in Instagram available to all adults in both Ukraine and Russia.
Users on Instagram will also be alerted to the option by way of a notification that appears at the top of their direct message inbox, which informs them they can switch over to an encrypted conversation if they choose.
Other Meta-owned apps, including Messenger and WhatsApp, have already offered end-to-end encryption. On WhatsApp, its the default. However, default end-to-end encryption wont fully arrive on Messenger until sometime in 2023, but the company has offered the option to enable end-to-end encryption for text chats on Messenger for many years. In addition, it fully rolled out end-to-end encrypted group chats and calls in Messenger back in January.
The company explained its decision to make the safety features available across both Ukraine and Russia. It suggested Russian activists speaking out against the war could also be at risk without the option.
Prominent Russians creators and influencers, activists and musicians, are using Facebook and Instagram to access information and speak out against the invasion, said Nick Clegg, Metas president of global affairs, who was recently upgraded from his VP status. We want them to continue to be able to do so. And we want people in Russia to continue to be able to hear from President Zelenskyy and others in Ukraine, he added.
The company has made several other changes in recent days as the crisis has unfolded, even as the Russian government has restricted access to Metas services.
For end users, the changes arent limited to encrypted Instagram DMs. The company also rolled out safety features for users in Ukraine and Russia, including the ability for people to lock their Facebook profile and remove the ability to view and search friend lists, Clegg noted. The Lock Profile feature was first launched in 2020 as a safety option for women in India. It prevents Facebook users from viewing the posts and photos of people theyre not friends with, and restricts them from zooming into or downloading those users profile pictures or cover photos, as well.
Link:
Instagram makes encrypted direct messaging available in Ukraine and Russia - TechCrunch
Bracing for State-Sponsored Ransomware and Cyberthreats in a World of Conflict – Finextra
New ransomware andcyberthreats are being unleashed on the financial sector, and global events happening right now have dramatically increased the probability of cyberattack.
As a new war rages in Ukraine, the Conti ransomware gang, and Russias Internet Research Agency, have declared support for Putins invasion andvowed to retaliate against computing infrastructure in the U.S. and Europe if Russia is hit with cyber incursions. As governments ramp up financial pressure on Russian institutions and elites, sanctions are likely to prompt a cyber-offensive against financial entities in the West.
Already Ukrainian banks Privatbank and Oschadbank, have been targeted by state-sponsored attacks meant to disrupt critical services and infrastructure. Wiper viruses, capable of destroying data and disabling entire systems, werediscovered on hundreds of computers in Ukraine in recent days.
Russian hackers are infamously effective, along with those from other rogue nations intent to cause chaos in the global-spanning financial sector. Typically aimed at monetary gain, cyberattacks are increasingly meant to cripple banks and their customers, misdirect resources, and make data permanently inaccessible.
Federal Reserve chairman Jerome Powell said in December that a cyberattack could inflict significant financial stability risk that we havent actually faced yet, should it take down a major institution or financial utility.
Data observability and threat detectionDespite the warnings, threats continue to catch financial firms off guard, and many still do not have adequate plans in place to survive and recover. Biden administration officials introduced last month aShields Up initiative to further protect essential financial services. They said organizations should step up their ability to detect unusual network behavior and anomalous data consumption or access patterns.
Alert services are now considered table stakes in cloud-based and on-premises data management systems. They provide scheduled reporting and real-time custom warnings on user activity, data movement and cloud connectivity, allowing administrators to see what is happening at a glance.
Additionally, financial institutions should consider capabilities for reporting on node performance in software-defined storage. Real-time notifications about anomalous behavior within a global file system, for example, offer instant visibility into changes in data consumption patterns.
SaaS data management capabilities, which can be offered as an overlay to existing global file systems, provide a unified view of data in the cloud and on-premises. Automated alerting, search, audit, and file analytics deliver key observability, and can also assist with file restoration by helping administrators quickly find and recover affected data at massive scale.
Immutable data architecturesWhile detection and response to check for anomalistic activity is a first order of protection, once the boundaries of a network are breached, additional safeguards and security frameworks are needed. Banking and financial services organizations need to be prepared for unpredictable situations that cross the bounds of what cybersecurity vendors have consideredespecially with the current increased threat, which is not intended to extort victims, but instead to paralyze infrastructure and diminish faith in banking and government services.
Making data impervious to ransomware and other malware variants, by storing it in an immutable formthat is write once read many orWORMhas emerged as an important bulwark.
In response to data protection mandates like the EU's strict General Data Protection Regulation(GDPR), the California Consumer Privacy Act (CCPA), and the latest Markets in Financial Instruments Directive (MiFID II), technology is already being employed to ensure the lifeblood data of finance and capital operations can be unalterably stored and audited in perpetuity. The goal has been to protect PII while also staunching market and trading abuses that have beleaguered the sector.
That same immutability is also vital to protecting data from hackers. Once data is in a cloud object store, using a global file type system, an immutable architecture guarantees it cannot be changed, overwritten, or damaged. An effective approach is for file changes to be written as new data blocks which have no effect on existing data. When file pointers are configured to record which blocks comprise a file at any given time, data is made incorruptible.
File restoration and recovery tacticsRegardless of which technological approach is used by financial institutions, one question remains. What if malicious code is inserted into a network and data is taken down, held hostage, or otherwise corrupted?
In this emerging space, many fit-for-purpose solutions can make it extremely hard to lose data altogether, or at least to greatly minimize data loss. In fact, while legacy concepts of data backup and archival have proven effective, the time and effort required to bring systems back online and restore data from offline repositories is problematic. Business continuity,service-level agreements (SLAs), and the functioning of the financial system itself demands a better approach, with faster time to resolution.
Utilizing read-only snapshots or replicas of data, which ostensibly provide a precise, point-in-time restoration of individual files and even entire cloud storage volumes, has the ability to recover any data. The most advanced data management and global file system technologies also ensure both the replicas and the data itself are immutable, allowing files to be reverted back to previous data blocks that comprise any uninfected files. It is therefore possible to quickly restore data, such as transactions and workflows, at a granular level.
Checking the box on encryptionEncryption is at the heart of data protection and a robust cyberdefense. The standard bank-level encryption is256-bit AES, or advanced encryption standard. When applied to data in transit, solutions that address regulatory requirements securely and immutably, also avoid risk because data is never exposed to unauthorized access.
Financial market participants should check that data transmitted to or from the cloud is also encrypted withTLS v1.2 while in flight, preventing access via interception or eavesdropping between cloud services.
Building on this paradigm, AES-256-CBC encryption for data at rest, for example data held in an object store, is also protected from exploitation. Such systems should always beNIST FIPS 140-2 compliant with encryption keys managed by the organization and never stored in the cloud. Hybrid and multi-cloud solutions should include all of these types of native data encryption.
Contours of a resilient postureBanking institutions and financial entities should be on high alert. Several weeks ago, in the days leading up to the Russian invasion, multiple Ukrainian websites were struck by hackers thatleft a warning to "be afraid and expect the worst. State security services said evidence pointed to hacker groups directed by Russian intelligence.
Both the European Central Bank and the British Financial Conduct Authority are preparing for a possible Russian-sponsored cyberattack as geopolitical tensions grow, contacting financial organizations to warn them of the impending fallout of the conflict.
The White House is also following suit as the standoff between Russia and Ukraine continues to rattle markets, and transform low probabilities into real and present dangers to the global financial system. Authoritieshave directed banks and financial firms, as well as other organizations that support global financial markets, to take steps now to fortify mission-critical data resources.
While neither governments nor financial entities have been forthcoming with details about security defenses, for obvious reasons, tools that support a strong data framework are within our grasp. Now is the time to adopt a heightened data resiliency and recovery posture.
Read more here:
Bracing for State-Sponsored Ransomware and Cyberthreats in a World of Conflict - Finextra
Ukraine-Russia conflict: Signal says rumours on hacking not true as it sees uptick in Eastern Europe – The Indian Express
The Signal app has issued a statement saying that rumours that the secure messaging service was hacked and compromised are false. It also said that the app has seen an uptick in usage in Eastern Europe in the backdrop of the ongoing Russian invasion of Ukraine. The company posted the announcement from its official Twitter handle, adding that they believed that the rumours were part of a coordinated misinformation campaign meant to encourage people to use less secure alternatives.
Were seeing these rumors appear in messages forwarded on several different apps. These rumors are often attributed to official government sources and read attacks on Signal platform. This is false and Signal is not under attack, Signal wrote in its official statement.
The reports also come after Signal founder and cryptographer Moxie Marlinspike had posted against rival app Telegram on his Twitter account. He had written that Telegram was the most popular messenger in urban Ukraine, and that people believed it was an encrypted app, which he said was the result of misleading marketing and press.
The Signal founder had written on his Twitter account, Telegram is the most popular messenger in urban Ukraine. After a decade of misleading marketing and press, most ppl there believe its an encrypted app. The reality is the opposite-TG is by default a cloud database w/ a plaintext copy of every msg everyone has ever sent/recvd.
He added that there was no worse choice in terms of privacy and data collection, even though Telegram has a lot of compelling features. He pointed out that Every msg, photo, video, doc sent/received for the past 10 yrs; all contacts, group memberships, etc are all available to anyone w/ access to that DB (DB meaning database).
According to him, another issue of concern was that many Telegram employees have family in Russia and that even if Russia does not hack the app, they can leverage family safety for access.
While Signal is end-to-end encrypted by default, and its security protocol is known. In fact, the same protocol is used by WhatsApp. However, Telegram is not entirely encrypted. Only secret chats on Telegram are end-to-end encrypted and the messaging app deploys its own encryption protocols, for which it has faced criticism.
This is not the first time that questions have been raised around Telegram and its security protocol. Its founder Pavel Durov, who is of Russian origin, has defended the app in the past. In a message posted on December 29, 2021, on his Telegram channel, he had also referred to an FBI leaked document that claimed that the agency could access message contents from WhatsApp while it could not do the same from Telegram.
Durov had written that apps like WhatsApp give real-time user data to third parties, and despite their numerous claims about E2E encryption, can also disclose message contents, adding that the report has confirmed that Telegram is one of the few messaging apps that doesnt breach their users trust.
He also claimed that engineers in the US have to secretly implement backdoors in their apps when the US government orders them which is not a claim backed by any proof. He also claimed that secure apps such as Signal have been funded by government agencies, again for which there is no proof. Keep in mind that the same report that Durov referred to also notes that no message content can be collected by the FBI from the Signal app.
Interestingly, Signal had seen a spike in users from India last year, when WhatsApp had announced changes to its privacy policy. The outrage had eventually forced WhatsApp to stop the policy rollout. Telegram had also seen a spike in users in India, due to the controversy.
Enabling Data Security with Homomorphic Encryption | ITBE – IT Business Edge
Regardless of the strength of datas encryption, more and more potential vulnerabilities surface in data security as more people are granted access to sensitive information. However, a relatively new encryption protocol poses a unique solution to these types of mounting privacy exposures.
Homomorphic encryption enables users to edit data without decrypting it, meaning the broader dataset is kept private even as it is being written. The technology may not be an ideal solution for everyone, but it does have significant promise for companies looking to protect huge troves of private data.
Homomorphic encryption was proposed in 2009 by a graduate student, who described his concept through an analogy of a jewelry store owner.
Alice, the owner, has a lockbox with expensive gems to which she alone has the key. When Alice wants new jewelry made from the gems, her employees wear special gloves that allow them to reach into the closed box and craft the jewelry using the gems without being able to pull them out of the box. When their work is done, Alice uses her key to open the box and withdraw the finished product.
In a conventional encryption model, data must be downloaded from its cloud location, decrypted, read or edited, re-encrypted, and then reuploaded. As files expand into the gigabyte or petabyte scale, these tasks can become increasingly burdensome, and they expose the greater dataset to wandering eyes.
By contrast, data that is encrypted homomorphically can have limited operations performed on it while its still on the server, no decryption necessary. Then, the final encrypted product is sent to the user, who uses their key to decrypt the message. This is similar to end-to-end encryption, only the receiver can access the decrypted message.
Also read: Data Security: Tokenization vs. Encryption
AI-driven healthcare analytics have come a long way in recent years, with AI being able to predict disease and other health risks from large sets of medical data.
Today, services like 23 and Me allow customers to hand over sensitive medical information for genetic testing and ancestry information. But these companies have been hit with accusations of selling this personal information or providing it to third parties such as the government, without customer knowledge or consent.
If that data was protected through homomorphic encryption, the company would still be able to process the data and return its results to the customer, but at all times that information would be completely useless until it is decrypted by the customer, keeping his or her information entirely confidential.
Within the last two years, Microsoft, Google, and many other of the largest names in tech have been investing in developing the technology, even freely offering their open-source implementations.
In the case of Google, the company may be pursuing the technology as a means of complying with privacy regulations such as the European GDPR. With homomorphic encryption, Google could continue to build an ad profile, based on large volumes of personal data that it collects through various means, and compile it into an encrypted database with limited usage or applications that only the end user might experience.
For instance, a user may search Google for restaurants near them. The query would hit the homomorphic black box, privately process the users preferences and location, and return tailored results.
There are three common iterations of this technology, and one size does not fit all.
Homomorphic encryption has yet to see widespread adoption. However, its not uncommon for encryption protocols to spend a decade in development.
There are community standards that need to be established. Public confidence that the technology is safe, secure, solid, and not exploitable needs to be reached. APIs need to be implemented. And lastly, perhaps the biggest hurdle for homomorphic encryption is that the technology needs to perform well.
No one wants to adopt a more secure protocol only to discover that system performance has taken a massive hit. From an end-user standpoint, that will feel more like a massive setback than a step forward. While the protocol has become massively more efficient since its inception in 2009, it still lags behind todays conventional encryption methods, particularly as users move from PHE to SHE to FHE.
While the computational overhead is too large for many businesses that dont need the added security, homomorphic encryption may yet become the go-to standard for sensitive industries like finance and healthcare.
Read next: Best Encryption Software & Tools
View post:
Enabling Data Security with Homomorphic Encryption | ITBE - IT Business Edge
Is the World Ready to Fight Quantum Hacking to Save the Internet? – Analytics Insight
Explore the race to save encryption from Quantum hacking and how to protect from invasion
Quantum computers could become far more powerful than digital computers. Quantum computers have limitless potential. But it is still in its infancy, incredibly expensive, and fraught with problems.it will help hackers get access to private data by breaking encryption. quantum computing is useful but, quantum hacking is dangerous. Quantum Hacking is the use of quantum computers for malicious purposes. even the most secure data encryption algorithms also will be hacked and its all the fault of quantum computers.
Quantum hacking is performed by modern cryptographic strategies which often use private and public keys to encrypt and decrypt data through a mathematical equation. Not all cryptography will be vulnerable to quantum computing, but many current forms will. Currently, quantum computers are weak, it will only be a few decades or so until more powerful quantum machines are widely available. One study suggests that encryption using a 2048-bit key could be cracked in 8 hours using a quantum computer. An expert says that the threat of a nation-state adversary getting a large quantum computer and being able to access your information is real.
Quantum Hacking can break cryptographic protocols which have a private key, they need just a number to decrypt encrypted data. ability to break encryption is the worst fear about quantum computers. Currently, no action is developed but developed quantum-safe encryption its a technical solution to this problem. strong password authentication never stood a chance against a hacker with access to a quantum computer. Even the super-secure blockchain technology wont be enough to protect against a quantum computer.
A Company in San Diego, California has a lot of computer geniuses, and experienced people who worked in the U.S. Governments cyber warfare, all are spending their time trying to stay one step ahead of the criminals by anticipating their move. Even though its moves are years away. If a hacker were to try to intercept these computer bits, the sensor beam would detect it.
In 2015, the US National Security Agency announced that crypto systems are vulnerable, and it advised US businesses and the government to replace them. The next year, NIST invited computer scientists globally to submit candidate post-quantum algorithms to a process in which the agency would test their quality, with the help of the entire crypto community. and then publish official versions of those algorithms. Similar organizations in other countries, from France to China, will make their announcements.
Microsoft, Google, and IBM companies are investing heavily in quantum computing academic research. International governments are providing some anti-hacking solutions, using quantum technology to help some government agencies and supersized corporations protect their passwords. Its hard to crack and unbreakable.
Multiple actors are working on the problems of quantum security. China has made a disproportionate investment in quantum security. This could lead to a possibility in which Chinese-sponsored companies are the only ones with access to tools that prevent quantum hacking.
Technology comes to a future problem; todays security systems wouldnt be able to provide much protection at all. And hackers are always eager to mess up great new technology. Hackers may soon be able to expose all digital communications by using advanced quantum computers. A new form of cryptography would stop hackers.
Share This ArticleDo the sharing thingy
About AuthorMore info about author
See the original post here:
Is the World Ready to Fight Quantum Hacking to Save the Internet? - Analytics Insight
VeraCrypt 1.25.9 Encryption Software fixes BSOD on Windows – Ghacks Technology News
VeraCrypt is a popular open source encryption software that is based on the abandoned TrueCrypt application. VeraCrypt 1.25.9 was released on February 19, 2022 to the public.
The new version of the encryption software is already available. New and existing users may download the latest version from the official website for all supported operating systems. Select Help > About in the application interface to find out which version of VeraCrypt is installed.
VeraCrypt 1.25.9 includes fixes for the three supported operating systems Windows, Mac OS and Linux. Most changes apply only to the Windows version, including a fix for a BSOD that could happen on shutdown.
VeraCrypt erases the system encryption keys on shutdown by default; this procedure caused Blue Screens of Death on some Windows devices. The developers have created a new Registry key that toggles the erasing of the encryption keys on Windows devices.
The workaround is only required on systems that are affected by BSOD errors during shutdown. The Windows version of VeraCrypt includes several other changes:
Linux and Mac OS builds of VeraCrypt share a fix, which is also the only fix for Mac OS. Both address a hidden volume settings display issue when enabling hidden volume protection in the mount options window.
The Linux version has three additional fixes and improvements, including one crash fix. You can check out the entire changelog here.
Now You: do you use encryption software?
Summary
Article Name
VeraCrypt 1.25.9 Encryption Software fixes BSOD on Windows
Description
VeraCrypt is a popular open source encryption software that is based on the abandoned TrueCrypt application. VeraCrypt 1.25.9 was released on February 19, 2022 to the public.
Author
Martin Brinkmann
Publisher
Ghacks Technology News
Logo
Continued here:
VeraCrypt 1.25.9 Encryption Software fixes BSOD on Windows - Ghacks Technology News
Samsung shipped ‘100 million’ phones with flawed encryption – The Register
Academics at Tel Aviv University in Israel have found that recent Android-based Samsung phones shipped with design flaws that allow the extraction of secret cryptographic keys.
The researchers Alon Shakevsky, Eyal Ronen, and Avishai Wool describe their work in a paper titled, "Trust Dies in Darkness: Shedding Light on Samsung's TrustZone Keymaster Design," which is scheduled for presentation at Real World Crypto and USENIX Security, 2022.
Android smartphones, which pretty much all use Arm-compatible silicon, rely on a Trusted Execution Environment (TEE) supported by Arm's TrustZone technology to keep sensitive security functions isolated from normal applications. These TEEs run their own operating system, TrustZone Operating System (TZOS), and it's up to vendors to implement the cryptographic functions within TZOS.
The Android Keystore, the researchers explain, offers hardware-backed cryptographic key management via the Keymaster Hardware Abstraction Layer (HAL). Samsung implemented the HAL through a Trusted Application running in the TrustZone called Keymaster TA, to carry out cryptographic operations like key generation, encryption, attestation, and signature creation in a secure environment. The results of these TEE crypto calculations can then be used in apps operating in the less secure Android environment.
The Keymaster TA stores cryptographic keys as blobs the keys are wrapped (encrypted via AES-GCM) so they can be stored in the file system of the Android environment. In theory, they should only be readable within the TEE.
However, Samsung failed to implement Keymaster TA properly in its Galaxy S8, S9, S10, S20, and S21 phones. The researchers reverse engineered the Keymaster app and showed they could conduct an Initialization Vector (IV) reuse attack to obtain the keys from the hardware-protected key blobs.
The IV is supposed to be a unique number each time, which ensures the AES-GCM encryption operation produces a different result even when the same plain text is encrypted. But when the IV referred to by the researchers as "salt" and encryption key remain the same, the same output gets generated. And that sort of predictability is the bane of encryption.
"So they could have derived a different key-wrapping key for each key they protect," observed Matthew Green, associate professor of computer science at the Johns Hopkins Information Security Institute in the US, via Twitter. "But instead Samsung basically doesnt. Then they allow the app-layer code to pick encryption IVs. This allows trivial decryption."
Our Tel Aviv University boffins found three blob formats used among the Samsung phones v15, v20-s9, and v20-s10. The first, v15, is the default in the Galaxy S8; v20-s9 corresponds to the Galaxy S9; and v20-s10 was found in the S10, S20, and S21.
In the v15 and v20-s9 blobs, the researchers say, the salt is a deterministic function that relies on the application ID, application data, and constant strings from the Android environment. So for any given application, corresponding key blobs will be protected by the same key-wrapping key.
"Surprisingly, we discovered that the Android client is allowed to set the IV when generating or importing a key," the paper stated. "All that is necessary is to place an attacker-chosen IV as part of the key parameters, and it is used by the Keymaster TA instead of a random IV.
"As the [Android environment] also controls the application ID and application data, this means that an attacker can force the Keymaster TA to reuse the same key and IV that were previously used to encrypt some other v15 or v20-s9 blobs. Since AES-GCM is a stream cipher, the attacker can now recover hardware-protected keys from key blobs."
More recent model Samsung devices with v20-s10 blobs are not normally vulnerable to IV reuse attacks, though the researchers found a way to conduct a downgrade attack by having the Android environment pass an "encryption version" parameter telling the device to use the vulnerable v15 blob format.
The weak crypto was also used by the researchers to bypass FIDO2 WebAuthn, a way to use public-key cryptography, instead of passwords, to register for and authenticate to websites. Their proof-of-concept attack allowed the researchers to authenticate themselves to a website protected by the Android StrongKey application. What's more, they also managed to bypass Google's Secure Key Import, designed to let servers share keys securely with Android devices.
In all, the researchers estimate 100 million Samsung devices were vulnerable when they identified the encryption flaw last year. However, they responsibly disclosed their findings to Samsung in May 2021, which led to the August 2021 assignment of CVE-2021-25444 to the vulnerability, and a patch for affected devices. In July 2021, they revealed their downgrade attack, which led in October 2021 to CVE-2021-25490 and a patch that removed the legacy blob implementation (v15) from devices including the S10, S20, and S21.
Looking ahead, the boffins argue that an encryption scheme other than AES-GCM, or an IV reuse resistant version like AES-GCM-SIV, should be considered.
Samsung did not immediately respond to a request to confirm the researchers' estimate of affected devices and to estimate how many affected devices, if any, remain unpatched.
See the original post here:
Samsung shipped '100 million' phones with flawed encryption - The Register
Global Hardware-based Full Disk Encryption Market Outlook by Types, Applications, End Users and Opportunities 2021 to 2027 ZNews Africa – ZNews…
Global Hardware-based Full Disk Encryption Market from 2021 to 2027 is the title of a major market research study performed by MarketsandResearch.biz that examines market growth prospects and opportunities. The research includes an industry summary, requirements, product description, and goals, as well as an industry analysis. The major goal of the research is to give broad information about the industrys competitors, market trends, market potential, growth rate, and other important statistics.
It focuses on market features such as main drivers, opportunities, limiting factors, and challenges in the global market. This research will aid business strategists since it will enable them to expand effectively in both global and regional markets.
DOWNLOAD FREE SAMPLE REPORT: https://www.marketsandresearch.biz/sample-request/164377
The research investigates the key roadblocks to market development, such as how global Hardware-based Full Disk Encryption marketplaces provide new opportunities. The expansion techniques and procedures, growth forecasts, manufacturing plans, and cost structures are all explained in this report. The report will include detailed consumption information, as well as import and export statistics from regional and global markets, as well as revenue and gross margin analyses.
The following manufacturers are included prominently in the market report:
This report focuses on many major regions on a regional level:
The following product kinds are highlighted in the report:
The following are the top applications highlighted in the report:
ACCESS FULL REPORT: https://www.marketsandresearch.biz/report/164377/global-hardware-based-full-disk-encryption-market-2021-by-manufacturers-regions-type-and-application-forecast-to-2026
The research investigates the major roadblocks to market growth as well as the worldwide Hardware-based Full Disk Encryption overall market development possibilities. The expansion aims and methods, as well as growth numbers, manufacturing methodologies, and cost structures, are all explained in this document. The study might include detailed consumption information, regional and worldwide market import and export, revenue, and gross margin analyses.
Customization of the Report:
This report can be customized to meet the clients requirements. Please connect with our sales team ([emailprotected]), who will ensure that you get a report that suits your needs. You can also get in touch with our executives on +1-201-465-4211 to share your research requirements.
Contact UsMark StoneHead of Business DevelopmentPhone: +1-201-465-4211Email: [emailprotected]Web: http://www.marketsandresearch.biz
See the original post:
Global Hardware-based Full Disk Encryption Market Outlook by Types, Applications, End Users and Opportunities 2021 to 2027 ZNews Africa - ZNews...
How to lock a hard drive with a password in Windows 11 – St. George Daily Spectrum
George Cox| PC Periodicals
In this article, I will tell you how to lock your hard drive with a password using windows in-built feature BitLocker. This is a great way to protect your files from prying eyes and keep your system secure.
There are many benefits to locking your hard drive with a password. Some of these benefits include:
BitLocker is free software from Microsoft that allows you to encrypt your entire hard drive. It does this by creating a virtual encrypted disk within the physical disk. This is done in such a way that all data stored on the drive can only be accessed when using an authorized password. It is a good idea to use BitLocker with a password you have never used elsewhere.
When a drive is locked through BitLocker, it is not possible to access the data on the drive without the correct password. Even if the hard drive is removed from the computer and attached to another machine, it will be inaccessible.
BitLocker uses the advanced encryption standard (AES) with 128-bit or 256-bit keys to protect your data. AES is a very strong encryption algorithm that is used by the US government to protect classified information.
BitLocker can utilize two types of encryption, 128-bit or 256-bit, depending on the operating system you are using. The different levels of encryption protect your data with different strengths of security. For example, a lower level would be fine for protecting the information you do not need very securely. However, if you are storing classified government information, you would want to use a higher level of encryption.
On Windows 11, there are two types of BitLocker Encryption you can utilize:
In order to use BitLocker, your computer must meet the following system requirements:
To lock your hard drive with BitLocker in Windows 11:
Though BitLocker is an excellent feature to password lock your hard drive, it has some limitations:
BitLocker encryption is an excellent way to password protect your hard drive. It has many benefits, such as preventing access to data by unauthorized users, preventing the installation of malware, and preventing the copying of files to USB flash drives or external hard drives. Though it has some limitations, such as not being available on all versions of Windows and only being compatible with TPM version 1.2 or higher, the benefits of BitLocker encryption far outweigh these limitations.
If you are using BitLocker Drive Encryption on Windows 11, the unlocking process is pretty straightforward. Just type in your password and click unlock. Unfortunately, if you are using BitLocker To Go on another OS like Windows XP or Vista, unlocking drives can be a little more difficult. You will need to type in the Recovery Key Code that you created when you set up BitLocker. If you have lost or forgotten your Recovery Key Code, you can use the Find my recovery key feature on the BitLocker website to unlock your drive.
You should encrypt as much of your hard drive as possible for total protection and privacy.
Stay protected!
George Cox is the owner of Computer Diagnostics and Repair. He can be reached at 346-4217.
Read this article:
How to lock a hard drive with a password in Windows 11 - St. George Daily Spectrum
Chinese Experts Uncover Details of Equation Group’s Bvp47 Covert Hacking Tool – The Hacker News
Researchers from China's Pangu Lab have disclosed details of a "top-tier" backdoor put to use by the Equation Group, an advanced persistent threat (APT) with alleged ties to the cyber-warfare intelligence-gathering unit of the U.S. National Security Agency (NSA).
Dubbed "Bvp47" owing to numerous references to the string "Bvp" and the numerical value "0x47" used in the encryption algorithm, the backdoor was extracted from Linux systems "during an in-depth forensic investigation of a host in a key domestic department" in 2013.
Pangu Lab codenamed the attacks involving the deployment of Bvp47 "Operation Telescreen," with the implant featuring an "advanced covert channel behavior based on TCP SYN packets, code obfuscation, system hiding, and self-destruction design."
Equation Group, dubbed the "crown creator of cyber espionage" by Russian security firm Kaspersky, is the name assigned to a sophisticated adversary that's been active since at least 2001 and has used previously undisclosed zero-day exploits to "infect victims, retrieve data and hide activity in an outstandingly professional way," some of which were later incorporated into Stuxnet.
The attacks have targeted a variety of sectors in no less than 42 countries, including governments, telecom, aerospace, energy, nuclear research, oil and gas, military, nanotechnology, Islamic activists and scholars, media, transportation, financial institutions, and companies developing encryption technologies.
The group is believed to be linked to the NSA's Tailored Access Operations (TAO) unit, while intrusion activities pertaining to a second collective dubbed Longhorn (aka The Lamberts) have been attributed to the U.S. Central Intelligence Agency (CIA).
Equation Group's malware toolset became public knowledge in 2016 when a group calling itself the Shadow Brokers leaked the entire tranche of exploits used by the elite hacking team, with Kaspersky uncovering code-level similarities between the stolen files and that of samples identified as used by the threat actor.
The incident analyzed by Pangu Lab comprises two internally compromised servers, an email and an enterprise server named V1 and V2 respectively, and an external domain (dubbed A), sporting a novel two-way communication mechanism to exfiltrate sensitive data from the systems.
"There is abnormal communication between external host A and the V1 server," the researchers said. "Specifically, A first sends a SYN packet with a 264-byte payload to port 80 of the V1 server, and then the V1 server immediately initiates an external connection to the high-end port of the A machine and maintains a large amount of exchange data."
Simultaneously, V1 connects to V2 via the SMB service to perform a number of operations, including logging in to the latter with an administrator account, trying to open terminal services, enumerating directories, and executing PowerShell scripts through scheduled tasks.
V2, for its part, also connects to V1 to retrieve a PowerShell script and an encrypted second-stage payload, the encrypted execution results of which are sent back to V1, which, according to the researchers, "acts as a data transfer between the A machine and the V2 server."
The Bvp47 backdoor installed on the servers consists of two parts, a loader which is responsible for decoding and loading the actual payload into memory. "Bvp47 generally lives in the Linux operating system in the demilitarized zone that communicates with the Internet," the researchers said. "It mainly assumes the core control bridge communication role in the overall attack."
Pangu Lab's attribution to Equation Group stems from overlaps with exploits contained in a GPG-encrypted archive file published by the Shadow Brokers "eqgrp-auction-file.tar.xz.gpg" as part of a failed auction of the cyber weapons in August 2016.
"In the process of analyzing the 'eqgrp-auction-file.tar.xz.gpg' file, it was found that Bvp47 and the attacking tools in the compressed package were technically deterministic, mainly including 'dewdrops,' 'suctionchar_agents,' 'tipoffs,' 'StoicSurgeon,' 'incision' and other directories," the researchers explained.
"The 'tipoffs' directory contains the RSA asymmetric algorithm private key used in the Bvp47 covert channel [for] command execution and other operations. On this basis, it can be confirmed that Bvp47 is from [the] Equation group."
The findings mark the second time hitherto undocumented malware developed by the Equation Group has come to light in as many months. In late December 2021, Check Point Research disclosed details of a diagnostic utility called "DoubleFeature" that's used in conjunction with the DanderSpritz malware framework.
"Judging from the attack tools related to the organization, including Bvp47, Equation group is indeed a first-class hacking group," the researchers concluded.
"The tool is well-designed, powerful, and widely adapted. Its network attack capability equipped by 0day vulnerabilities was unstoppable, and its data acquisition under covert control was with little effort. The Equation Group is in a dominant position in national-level cyberspace confrontation."
Read the original post:
Chinese Experts Uncover Details of Equation Group's Bvp47 Covert Hacking Tool - The Hacker News