Old malware returns in a new way. [Research Saturday]
Jeremy Kennelly and Sulian Lebegue from Mandiant sit down with Dave to discuss their research “From RM3 to LDR4: URSNIF Leaves Banking Fraud Behind.” One of the oldest and most…
teler v2.0-dev releases: Real-time HTTP Intrusion Detection
teler is a real-time HTTP intrusion detection and threat alert based on a weblog that runs in a terminal with resources that we collect and that are provided by the community. Features…
fibratus v1.8 releases: exploration and tracing of the Windows kernel
Fibratus is a tool for exploration and tracing of the Windows kernel. It lets you trap system-wide events such as process life-cycle, file system I/O, registry modifications or network requests among many other…
grafana v9.3.1 releases: open-source platform for monitoring and observability
Grafana allows you to query, visualize, alert on, and understand your metrics no matter where they are stored. Create, explore, and share dashboards with your team and foster a…
Integer Polynomial Recovery from Outputs and its Application to Cryptanalysis of a Protocol for Secure Sorting
We investigate the problem of recovering integer inputs (up to an affine scaling) when given only the integer monotonic polynomial outputs. Given $n$ integer outputs of a degree-$d$ integer monotonic…
Authenticated Encryption with Key Identification
Authenticated encryption with associated data (AEAD) forms the core of much of symmetric cryptography, yet the standard techniques for modeling AEAD assume recipients have no ambiguity about what secret key…
Quantum-safe HIBE: does it cost a Latte?
The UK government is considering advanced primitives such as identity-based encryption (IBE) for adoption as they transition their public-safety communications network from TETRA to an LTE-based service. However, the current…
Backdooring Post-Quantum Cryptography: Kleptographic Attacks on Lattice-based KEMs
Post-quantum Cryptography (PQC) has reached the verge of standardization competition, with Kyber as a winning candidate. In this work, we demonstrate practical backdoor insertion in Kyber through kleptography. The backdoor…
Interactive Authentication
Authentication is the first, crucial step in securing digital assets like cryptocurrencies and online services like banking and social networks. It relies on principals maintaining exclusive access to credentials like…
New CryWiper wiper targets Russian entities masquerading as a ransomware
Experts spotted a new data wiper, dubbed CryWiper, that was employed in destructive attacks against Russian mayor’s offices and courts. Researchers from Kaspersky discovered a previously unknown data wiper, dubbed CryWiper,…