Lifeboat Foundation

Three new encryption algorithms to bolster global cybersecurity efforts against future attacks using quantum technologies were published today by the National Institute of Standards and Technology (NIST), a division of the U.S. Department of Commerce. The new standards are designed for two tasks: general encryption and digital signatures.

These new standards are the culmination of an eight-year effort from the agency to tap the best minds in cybersecurity to devise the next generation of cryptography strong enough to withstand quantum computers. Experts expect quantum computers capable of breaking current current cryptographic algorithms within a decade. The new standards, the first released by NIST’s post-quantum cryptography (PQC) standardization project, are published on the department’s website. The documents contain the algorithms’ computer code, instructions for how to implement them in products and in encryption systems, and use cases for each.

FBI disrupts Dispossessor ransomware group, dismantling servers across multiple countries. Learn about their tactics and the evolving ransomware lands.

A recently adopted United Nations treaty could lead to invasive digital surveillance, human rights experts warn.

By Kate Graham-Shaw

NEW YORK CITY —The United Nations approved its first international cybercrime treaty yesterday. The effort succeeded despite opposition from tech companies and human rights groups, who warn that the agreement will permit countries to expand invasive electronic surveillance in the name of criminal investigations. Experts from these organizations say that the treaty undermines the global human rights of freedom of speech and expression because it contains clauses that countries could interpret to internationally prosecute any perceived crime that takes place on a computer system.

The Russian government and IT organizations are the target of a new campaign that delivers a number of backdoors and trojans as part of a spear-phishing campaign codenamed EastWind.

The attack chains are characterized by the use of RAR archive attachments containing a Windows shortcut (LNK) file that, upon opening, activates the infection sequence, culminating in the deployment of malware such as GrewApacha, an updated version of the CloudSorcerer backdoor, and a previously undocumented implant dubbed PlugY.

PlugY is “downloaded through the CloudSorcerer backdoor, has an extensive set of commands and supports three different protocols for communicating with the command-and-control server,” Russian cybersecurity company Kaspersky said.

Link to newsletter:

Dear Subscribers, please see the latest Security & tech Insights newsletter covering emerging issues, trends and potential solutions in the world of cybersecurity. Thanks for reading and stay safe! Best, Chuck Brooks PS checkout my new book on Amazon: Inside Cyber: How AI, 5G, and Quantum Computing Will Transform Privacy and Our Security Amazon.com : Inside Cyber: How AI, 5G, and Quantum Computing Will Transform Privacy and Our Security: 9781394254941: Brooks, Chuck: Books.

AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring-2 privileges and install malware that becomes nearly undetectable.

Ring-2 is one of the highest privilege levels on a computer, running above Ring-1 (used for hypervisors and CPU virtualization) and Ring 0, which is the privilege level used by an operating system’s Kernel.

The Ring-2 privilege level is associated with modern CPUs’ System Management Mode (SMM) feature. SMM handles power management, hardware control, security, and other low-level operations required for system stability.

An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software.

“The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data and execute various commands,” the ReasonLabs research team said in an analysis.

“This trojan malware, existing since 2021, originates from imitations of download websites with add-ons to online games and videos.”

Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on users.

The vulnerabilities “led to an entire break in the security of Sonos’s secure boot process across a wide range of devices and remotely being able to compromise several devices over the air,” NCC Group security researchers Alex Plaskett and Robert Herrera said.

Successful exploitation of one of these flaws could allow a remote attacker to obtain covert audio capture from Sonos devices by means of an over-the-air attack. They impact all versions prior to Sonos S2 release 15.9 and Sonos S1 release 11.12, which were shipped in October and November 2023.

Brain-computer interfaces (BCIs) can translate a person’s brainwaves into action, but these devices are vulnerable to hacking.