Author: larrycameron80

7 Ways VPNs Can Turn from Ally to Threat

Source: Dark Reading
7 Ways VPNs Can Turn from Ally to Threat
VPNs are critical pieces of the security infrastructure, but they can be vulnerable, hackable, and weaponized against you. Here are seven things to be aware of before you ignore your VPN.

Uncategorized

HP Purchases Security Startup Bromium

Uncategorized

Facebook Removed Tens of Thousands of Apps Post-Cambridge Analytica

Source: Threat Post
Facebook Removed Tens of Thousands of Apps Post-Cambridge Analytica
Facebook said it has suspended and banned tens of thousands of apps on its platform after its investigation, launched after Cambridge Analytica, into how they collect and use data.

Uncategorized

Ransomware Strikes 49 School Districts & Colleges in 2019

Uncategorized

Crown Sterling Claims to Factor RSA Keylengths First Factored Twenty Years Ago

Source: Schneier
Crown Sterling Claims to Factor RSA Keylengths First Factored Twenty Years Ago

Earlier this month I made fun of a company called Crown-Sterling, for…for…for being a company that deserves being made fun of.

This morning, the company announced that they “decrypted two 256-bit asymmetric public keys in approximately 50 seconds from a standard laptop computer.” Really. They did. This keylength is so small it has never been considered secure. It was too small to be part of the RSA Factoring Challenge when it was introduced in 1991. In 1977, when Ron Rivest, Adi Shamir, and Len Adelman first described RSA, they included a challenge with a 426-bit key. (It was factored in 1994.)

The press release goes on: “Crown Sterling also announced the consistent decryption of 512-bit asymmetric public key in as little as five hours also using standard computing.” They didn’t demonstrate it, but if they’re right they’ve matched a factoring record set in 1999. Five hours is significantly less than the 5.2 months it took in 1999, but slower than would be expected if Crown-Sterling just used the 1999 techniques with modern CPUs and networks.

Is anyone taking this company seriously anymore? I honestly wouldn’t be surprised if this was a hoax press release. It’s not currently on the company’s website. (And, if it is a hoax, I apologize to Crown Sterling. I’ll post a retraction as soon as I hear from you.)

Uncategorized

Forcepoint VPN Client is Vulnerable to Privilege Escalation Attacks

Uncategorized

WeWork's Wi-Fi Exposed Files, Credentials, Emails

Uncategorized

A Safer IoT Future Must Be a Joint Effort

Uncategorized

News Wrap: Emotet’s Return, U.S. Vs. Snowden, Physical Pen Testers Arrested

Uncategorized

Mattress Company Leaks Data Records of 387K Customers

Uncategorized
%d bloggers like this: