Collaborate Disseminate
An anonymous reader shares a report: Australia’s chief cyber security agency has decided local orgs should stop using the tech that forms the current cryptographic foundation of the internet by the year 2030 — years before other nations plan to do so … Continue reading Australia Moves To Drop Some Cryptography By 2030
Kaspersky experts analyze attacks by C.A.S, a cybergang that uses uncommon remote access Trojans and posts data about victims in public Telegram channels. Continue reading Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations
This file does not have a file extension. It is just labelled "data".
Starting next year:
Our longstanding offering won’t fundamentally change next year, but we are going to introduce a new offering that’s a big shift from anything we’ve done before—short-lived certificates. Specifically, certificates with a lifetime of six days. This is a big upgrade for the security of the TLS ecosystem because it minimizes exposure time during a key compromise event.
Because we’ve done so much to encourage automation over the past decade, most of our subscribers aren’t going to have to do much in order to switch to shorter lived certificates. We, on the other hand, are going to have to think about the possibility that we will need to issue 20x as many certificates as we do now. It’s not inconceivable that at some point in our next decade we may need to be prepared to issue 100,000,000 certificates per day…
Continue reading Short-Lived Certificates Coming to Let’s Encrypt
Let’s say I’ve written a program for studying malware. When malware is detected, it is first encrypted and stored for later analysis.
Is encrypting malware a safe way to render it harmless?
In other words,
Can malware ever1 pose a threat w… Continue reading Can malware ever pose a threat when in encrypted form?
Let’s say I’ve written a program for studying malware. When malware is detected, it is first encrypted and stored for later analysis.
Is encrypting malware a safe way to render it harmless?
In other words,
Can malware ever1 pose a threat w… Continue reading Can malware ever pose a threat when in encrypted form?
The non-profit, free certificate authority Let’s Encrypt shared some news from their executive director as they approach their 10th anniversary in 2025:
Internally things have changed dramatically from what they looked like ten years ago, but outwardl… Continue reading Let’s Encrypt Announces New-Certificate-Every-6-Days Offering
America’s 1994 “Communications Assistance for Law Enforcement Act” (or CALEA) created the security hole that helped enable a massive telecomm breach. But now America’s FBI “is falling back on the same warmed-over, bad advice about encryption that it ha… Continue reading Was the US Telecom Breach Inevitable, Proving Backdoors Can’t Be Secure?
I have created a pgp keypair and uploaded the public key to keys.openpgp.org.
It included my email address.
A government service has now verified my citizen ID and signed my pgp public key user id (proof that the name on my ID matches with… Continue reading How can I "update" a pgp public key on a keyserver with a new signature for one of the user id
My friend asked me why his website seems weird on Google and why meta title seems to be “トリプルフローアイロン”.
After checking request logs on his hosting panel and checking files on FTP, it’s clear that the website was hacked by someone who wants … Continue reading Decrypting hacked wordpress files