Computing GCD (Greatest Common Divisor) between 36 trillion pairs of #RSA keys should have taken years, but a team of researchers were able to break 12,934 keys it in a few hours on a single core.
Here’s how they did it → https://algorithmsoup.wordpress.com/2019/01/15/breaking-an-unbreakable-code-part-1-the-hack/
Since @Medium blogging platform allows its users to use look-a-like characters (Homograph attack) in the publication URLs, @ajdumanhug warned it's quite easy to spoof any publication, especially widely-read publications, and spread fake news or scams.
Good... @Stanford University launches Bug Bounty Program
But → "in order to take part in this program, you must be a Stanford student (undergraduate/graduate), postdoc, or full-time benefits eligible employee."
DNSfs — A strategy (and tool) to store your files in DNS resolver caches
PS: Though it’s an year-old post, you may find it interesting. https://t.co/HcndRjuXFh
WHAT? Isn't TLS f̶̷a̶̷s̶̷t̶̷ secure yet?
Isn't #TLS HTTPS protecting majority of the Internet, which is not e2e protected, and successful interception of which could even expose your login credential/cookies for any site?
OR, Did we miss something? 🤔 https://t.co/t7POKyPhKv
Ukrainian Police BUSTED Two Separate Gangs of Cyber Criminals
• 4 Hackers, aged 26-30 years, for hacking Ukrainians and stealing 5 million Hryvnia
Unprotected "Oklahoma Securities Commission" Server Exposes a Massive 3 TB of Government Database Containing Millions of Sensitive Files Related to Years of #FBI Investigations
Leaked data also includes credentials for remote access to ODS workstations https://t.co/4pC1aJpo5P
UPDATE NOW. https://t.co/5JjDtYYH8j
More thoughts on MSI/JAR Authenticode Bypass by @nightwatchcyber
Problem→ Windows trusts all #Windows Installer (.MSI) files signed by a trusted developer even if attackers modify them to append any malicious JAR code
Solution→ @VirusTotal is working with @Microsoft to find better ways to detect such malformed files