Collaborate Disseminate
Recently, I read news about Facebook acquired the Onavo VPN company to monitor Snapchat users’ traffic. It seems they executed a Man-in-the-Middle attack by replacing the certificate. But could they have executed the same attack if Snapcha… Continue reading Can a VPN company perform a MiTM attack if SSL Pinning is in place?
I need to establish a secure method for transmitting shared secret keys between a mobile app and an API server to ensure the integrity of the data.
When initially exchanging shared secret keys, I’am employ X25519. However, if a previously … Continue reading Secure Transmission of Secret Keys Between Mobile App and API Server
So I was reading through an article about how passwords are salted and hashed through a cryptographic function here, and found out that hashed passwords, along with the plaintext salt values are stored in the database.
Now, I was wondering… Continue reading Question about storing salt values and hashed passwords in the database [duplicate]
I generate a random string of 32 characters and then compute the SHA-512 hash then I encrypt the unhashed string. I then save the encrypted text and hash to the database. Is it okay to store the hash of the original text? Will it make the … Continue reading Storing the hash of the plaintext and the encrypted plaintext next to each other [closed]
I generate a random string of 32 characters and then compute the SHA-512 hash then I encrypt the unhashed string. I then save the encrypted text and hash to the database. Is it okay to store the hash of the original text? Will it make the … Continue reading Storing the hash of the plaintext and the encrypted plaintext next to each other [closed]
Phrased differently, can an encrypted malware still act ? Not encrypted by design, but after the fact. And can it still be detected by an antivirus when in encrypted form ? (Given it is when in decrypted form)
Continue reading Does encrypting a virus / malware renders it inactive? [closed]
I generate a random string of 32 characters and then compute the SHA-512 hash then encrypt the unhashed string. I then save the encrypted text and hash to the database. Is it okay to store the hash of the original text? Will it make the en… Continue reading Storing the hash of the plaintext and the encrypted plaintext next to each other [closed]
There are several plain text and encrypted text like:
Plain text
Encrypted text
10101004535
7Za9kHM9OH6tKTrtxy86gw==
10860586924
/nwjXW3MYkcATRS5Xyjx/A==
10480090635
/F0D9ePZffTIiH/P8mK+kw==
10861778058
VUtRdsB/qYOUflYzeF3G6A=… Continue reading Relation between plain text and encrypted in URL [duplicate]
It’s yet another hardware side-channel attack:
The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s actually needed, the DMP, as the feature is abbreviated, reduces latency between the main memory and the CPU, a common bottleneck in modern computing. DMPs are a relatively new phenomenon found only in M-series chips and Intel’s 13th-generation Raptor Lake microarchitecture, although older forms of prefetchers have been common for years…
Continue reading Hardware Vulnerability in Apple’s M-Series Chips
There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030. This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card […]
The post 3 Strategies to overcome data security challenges in 2024 appeared first on Security Intelligence.
Continue reading 3 Strategies to overcome data security challenges in 2024