estonia – Page 3 – WindowsTechs.com

Lessons Learned from the Estonian National ID Security Flaw

Posted on December 18, 2017 by Bruce Schneier

Estonia recently suffered a major flaw in the security of their national ID card. This article discusses the fix and the lessons learned from the incident: In the future, the infrastructure dependency on one digital identity platform must be decreased, the use of several alternatives must be encouraged and promoted. In addition, the update and replacement capacity, both remote and… Continue reading Lessons Learned from the Estonian National ID Security Flaw→

A week in security (October 30 – November 5)

Posted on November 6, 2017 by Malwarebytes Labs

Learn what happened in the world of security during the week of October 30 through November 5. Data breaches, reports, vulnerabilities, and a look at the scariest malware monsters.

Categories:

Tags: apac cybercrime cybercriminals Estonia IRISSCON TorMoil WannaCry

(Read more…)

The post A week in security (October 30 – November 5) appeared first on Malwarebytes Labs.

The post A week in security (October 30 – November 5) appeared first on Security Boulevard.

Continue reading A week in security (October 30 – November 5)→

Security Flaw in Infineon Smart Cards and TPMs

Posted on October 17, 2017 by Bruce Schneier

A security flaw in Infineon smart cards and TPMs allows an attacker to recover private keys from the public keys. Basically, the key generation algorithm sometimes creates public keys that are vulnerable to Coppersmith’s attack: While all keys generate… Continue reading Security Flaw in Infineon Smart Cards and TPMs→

Security Flaw in Infineon Smart Cards and TPMs

Posted on October 17, 2017 by Bruce Schneier

A security flaw in Infineon smart cards and TPMs allows an attacker to recover private keys from the public keys. Basically, the key generation algorithm sometimes creates public keys that are vulnerable to Coppersmith’s attack: While all keys generated with the library are much weaker than they should be, it’s not currently practical to factorize all of them. For example,… Continue reading Security Flaw in Infineon Smart Cards and TPMs→

Charges of political hacking emerge as major German federal election approaches

Posted on September 6, 2017 by Patrick Howell O'Neill

It just wouldn’t be a modern day election without the possibility of cyberattacks and international conflict casting a shadow over the process. With the German federal election approaching on Sept. 24, a political ally of Chancellor Angela Merkel said her website was the subject of around 3,000 attempted cyber attacks in the run up to Sunday’s crucial televised debate. Julia Kloeckner, vice chairman of Merkel’s Christian Democratic Union (CDU) party, did not explain the nature of the attacks but said “many of the senders have Russian IP addresses.” Germany’s Federal Office for Information Security (BSI) confirmed to CyberScoop they are in contact with CDU over the alleged attacks but could not discuss specific details. The party did not respond to inquiries about the exact nature of the attacks. The vagueness left experts wondering if the thousands of “attacks” are actually something far less severe such as vulnerability scans or a denial of service […]

The post Charges of political hacking emerge as major German federal election approaches appeared first on Cyberscoop.

Continue reading Charges of political hacking emerge as major German federal election approaches→

Security Flaw in Estonian National ID Card

Posted on September 5, 2017 by Bruce Schneier

We have no idea how bad this really is: On 30 August, an international team of researchers informed the Estonian Information System Authority (RIA) of a vulnerability potentially affecting the digital use of Estonian ID cards. The possible vulnerability affects a total of almost 750,000 ID-cards issued starting from October 2014, including cards issued to e-residents. The ID-cards issued before… Continue reading Security Flaw in Estonian National ID Card→

Global malware attack ‘most likely’ carried out by a nation-state, NATO-sponsored researchers say

Posted on July 3, 2017 by Patrick Howell O'Neill

The search for the source of last week’s global malware attacks continues as experts are increasingly pointing toward Russian involvement in the incident. The NATO-affiliated Cooperative Cyber Defence Centre of Excellence (CCD COE) in Tallinn, Estonia, concluded last week that the attack was “most likely” carried out by a nation-state. The report followed a string of separate analyses that said the attacks appeared to have Russian sources. CCD COE researchers pointed to the sophistication of the malware. “In the case of NotPetya, significant improvements have been made to create a new breed of ultimate threat,” said one of the researchers, Bernhards Blumbergs. “Among all new features, the malware has been more professionally developed in contrast with sloppy WannaCry, and instead of scanning the whole Internet it is more targeted and searches for new hosts to infect deeper on local computer networks once initial breach has occurred.” The assertion by NATO-sponsored researchers that a nation-state probably spread the malware only intensifies questions […]

The post Global malware attack ‘most likely’ carried out by a nation-state, NATO-sponsored researchers say appeared first on Cyberscoop.

Continue reading Global malware attack ‘most likely’ carried out by a nation-state, NATO-sponsored researchers say→