crypto

A new side-channel vulnerability has been found called PortSmash that uses a timing attack that to steal info from other processes running in the same CPU core with SMT/hyper-threading enabled. Utilizing this attack, researchers were able to steal the private decryption key from an OpenSSL thread running in the same core asRead More →

crypto

A Telegram malware called Telegrab targets Telegram’s desktop instant messaging service to collect and exfiltrate cache data. Expert Michael Cobb explains here how Telegrab works. Telegram malware known as Telegrab has targeted the encrypted messaging service, according to Cisco Talos. How does Telegrab get around Telegram’s end-to-end encryption? Telegram isRead More →

crypto

Tinder, the popular online dating application, says it is taking steps to better secure the privacy of its users by encrypting some of its data. Match Group Inc., the parent company that operates Tinder, told Sen. Ron Wyden (D-Ore.) in a letter dated Wednesday that its swiping data and images on the application are better protected againstRead More →

Cryptography

Microsoft has recently published an interesting open source project called “PQCrypto-VPN” which implements post-quantum cryptography (PQC) within OpenVPN. Being developed by the Microsoft Research Security and Cryptography group as part of their research into post-quantum cryptography, this fork is being used to test PQC algorithms and their performance and functionality when used withRead More →