Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: encryption

Quantum memories reach new milestone with secure quantum money protocol

Integration into a quantum money protocol shows that memories can now handle very demanding applications for quantum networking.

Researchers at the Kastler Brossel Laboratory (Sorbonne Université, CNRS, ENS-Université PSL, Collège de France), together with colleagues from LIP6 (Sorbonne Université, CNRS), have taken a major step forward in : for the first time, they have integrated an optical quantum memory into a cryptographic protocol. This achievement, based on Wiesner’s unforgeable quantum money scheme, demonstrates that quantum memories are now mature enough to operate under very demanding conditions for networking.

In a study published on September 19 in Science Advances, the Paris team implemented Wiesner’s quantum money, a foundational idea in that relies on the no-cloning theorem to prevent counterfeiting. Unlike previous demonstrations that bypassed storage, this experiment incorporated an intermediate memory step—an essential capability for real-world applications where quantum data must be held and released on demand.

If quantum computing is answering unknowable questions, how do we know they’re right?

Quantum computing promises to solve the seemingly unsolvable in fields such as physics, medicine, cryptography and more.

But as the race to develop the first large-scale, error-free commercial device heats up, it begs the question: how can we check that these ‘impossible’ solutions are correct?

A new Swinburne study is tackling this paradox. The paper is published in the journal Quantum Science and Technology.

New HybridPetya ransomware can bypass UEFI Secure Boot

A recently discovered ransomware strain called HybridPetya can bypass the UEFI Secure Boot feature to install a malicious application on the EFI System Partition.

HybridPetya appears inspired by the destructive Petya/NotPetya malware that encrypted computers and prevented Windows from booting in attacks in 2016 and 2017 but did not provide a recovery option.

Researchers at cybersecurity company ESET found a sample of HybridPetya on VirusTotal. They note that this may be a research project, a proof-of-concept, or an early version of a cybercrime tool still under limited testing.

Over 16,000 compromised servers uncovered using Secure Shell key probing method

An international research team from the Max Planck Institute (MPI) for Informatics in Saarbrücken, Germany, and the Delft University of Technology in the Netherlands has developed a method to detect compromised hosts at an internet scale by probing servers with public SSH keys previously observed in attacker operations.

This way, the team was able to identify more than 16,000 compromised hosts. Their findings have now been published at the USENIX Security Symposium 2025, where they were awarded a Distinguished Paper Award and the Internet Defense Prize.

Secure Shell (SSH) is one of the most common tools used to manage remotely. It provides a secure, encrypted channel between a client and a server, allowing users to log in, execute commands, and transfer files safely. SSH is widely used by system administrators and developers for maintaining and configuring remote systems.

Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks

The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments.

“Unlike traditional on-premises ransomware, where the threat actor typically deploys malware to encrypt critical files across endpoints within the compromised network and then negotiates for a decryption key, cloud-based ransomware introduces a fundamental shift,” the Microsoft Threat Intelligence team said in a report shared with The Hacker News.

“Leveraging cloud-native capabilities, Storm-0501 rapidly exfiltrates large volumes of data, destroys data and backups within the victim environment, and demands ransom — all without relying on traditional malware deployment.”

Storm-0501 hackers shift to ransomware attacks in the cloud

Microsoft warns that a threat actor tracked as Storm-0501 has evolved its operations, shifting away from encrypting devices with ransomware to focusing on cloud-based encryption, data theft, and extortion.

The hackers now abuse native cloud features to exfiltrate data, wipe backups, and destroy storage accounts, thereby applying pressure and extorting victims without deploying traditional ransomware encryption tools.

Storm-0501 is a threat actor who has been active since at least 2021, deploying the Sabbath ransomware in attacks against organizations worldwide. Over time, the threat actor joined various ransomware-as-a-service (RaaS) platforms, where they used encryptors from Hive, BlackCat (ALPHV), Hunters International, LockBit, and, more recently, Embargo ransomware.

Experimental PromptLock ransomware uses AI to encrypt, steal data

Threat researchers discovered the first AI-powered ransomware, called PromptLock, that uses Lua scripts to steal and encrypt data on Windows, macOS, and Linux systems.

The malware uses OpenAI’s gpt-oss:20b model through the Ollama API to dynamically generate the malicious Lua scripts from hard-coded prompts.

/* */