Experimental News Clipping Site

Tag: Crypto

  • Hacker News: Lazarus Group deceives developers with 6 new malicious NPM packages

    by

    Kurt Seifried
    in

    Source URL: https://cyberscoop.com/lazarus-group-north-korea-malicious-npm-packages-socket/ Source: Hacker News Title: Lazarus Group deceives developers with 6 new malicious NPM packages Feedly Summary: Comments AI Summary and Description: Yes Summary: The Lazarus Group has infiltrated the npm registry, introducing six malicious packages designed to deceive software developers, steal credentials, and disrupt their workflows. This incident highlights the ongoing threats…

  • Wired: A New Era of Attacks on Encryption Is Starting to Heat Up

    by

    Kurt Seifried
    in

    Source URL: https://www.wired.com/story/a-new-era-of-attacks-on-encryption-is-starting-to-heat-up/ Source: Wired Title: A New Era of Attacks on Encryption Is Starting to Heat Up Feedly Summary: The UK, France, Sweden, and EU have made fresh attacks on end-to-end encryption. Some of the attacks are more “crude” than those in recent years, experts say. AI Summary and Description: Yes Summary: The text…

  • Rekt: 1Inch – Rekt

    by

    Kurt Seifried
    in

    Source URL: https://www.rekt.news/1inch-rekt Source: Rekt Title: 1Inch – Rekt Feedly Summary: One hacker transformed 1inch resolver contracts into a $5 million ATM through an integer underflow exploit – all with a negative 512 value. Attacker pocketed $450K as a “bounty" for exposing two years of an undetected vulnerability. AI Summary and Description: Yes Summary: This…

  • Rekt: Not So Safe

    by

    Kurt Seifried
    in

    Source URL: https://www.rekt.news/not-so-safe Source: Rekt Title: Not So Safe Feedly Summary: North Korea’s Lazarus Group stole $1.4B from Bybit’s signers by exploiting a simple vulnerability in Safe’s system. A single yaml.load execution bypassed high-end security, turning a supposedly impenetrable system into one of the industry’s biggest disasters. AI Summary and Description: Yes Summary: The text…

  • Unit 42: Investigating Scam Crypto Investment Platforms Using Pyramid Schemes to Defraud Victims

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/?p=138627 Source: Unit 42 Title: Investigating Scam Crypto Investment Platforms Using Pyramid Schemes to Defraud Victims Feedly Summary: We identified a campaign spreading thousands of sca crypto investment platforms through websites and mobile apps, possibly through a standardized toolkit. The post Investigating Scam Crypto Investment Platforms Using Pyramid Schemes to Defraud Victims appeared…

  • Hacker News: Constant-Time Code: The Pessimist Case [pdf]

    by

    Kurt Seifried
    in

    Source URL: https://eprint.iacr.org/2025/435.pdf Source: Hacker News Title: Constant-Time Code: The Pessimist Case [pdf] Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the challenges and pessimistic outlook surrounding the implementation of constant-time coding in cryptographic software, especially in the light of modern compiler optimization techniques and the increasing complexity of CPU architectures.…

  • Hacker News: Constant-time coding will soon become infeasible

    by

    Kurt Seifried
    in

    Source URL: https://eprint.iacr.org/2025/435 Source: Hacker News Title: Constant-time coding will soon become infeasible Feedly Summary: Comments AI Summary and Description: Yes Summary: This paper discusses the challenges and shortcomings associated with writing secure cryptographic software that is free from timing-based side-channels. It presents a pessimistic view on the feasibility of constant-time coding, suggesting that failures…

  • NCSC Feed: ROCA: Infineon TPM and Secure Element RSA Vulnerability Guidance

    by

    Kurt Seifried
    in

    Source URL: https://www.ncsc.gov.uk/guidance/roca-infineon-tpm-and-secure-element-rsa-vulnerability-guidance Source: NCSC Feed Title: ROCA: Infineon TPM and Secure Element RSA Vulnerability Guidance Feedly Summary: Guidance for those who want to understand and reduce the impact of the ROCA vulnerability. AI Summary and Description: Yes Summary: The provided text discusses the implementation and vulnerabilities of Trusted Platform Modules (TPMs) and Secure Elements…

  • NCSC Feed: Provisioning and securing security certificates

    by

    Kurt Seifried
    in

    Source URL: https://www.ncsc.gov.uk/guidance/provisioning-and-securing-security-certificates Source: NCSC Feed Title: Provisioning and securing security certificates Feedly Summary: How certificates should be initially provisioned, and how supporting infrastructure should be securely operated. AI Summary and Description: Yes Summary: The text discusses the implementation and management of X.509v3 certificates and Public Key Infrastructure (PKI) necessary for securing communications in networks.…

  • Hacker News: NIST Selects HQC as Fifth Algorithm for Post-Quantum Encryption

    by

    Kurt Seifried
    in

    Source URL: https://www.nist.gov/news-events/news/2025/03/nist-selects-hqc-fifth-algorithm-post-quantum-encryption Source: Hacker News Title: NIST Selects HQC as Fifth Algorithm for Post-Quantum Encryption Feedly Summary: Comments AI Summary and Description: Yes Summary: NIST has selected a secondary backup encryption algorithm, HQC, which complements the primary quantum-resistant algorithm, ML-KEM, to ensure data security against future quantum computing threats. This dual-layer approach highlights how…