OpenSSH Now Encrypts Secret Keys in Memory Against Side-Channel Attacks

Posted by & filed under Security News.

In recent years, several groups of cybersecurity researchers have disclosed dozens of memory side-channel vulnerabilities in modern processors and DRAMs, like Rowhammer, RAMBleed, Spectre, and Meltdown they have one thing in common and That’s OpenSSH. As a proof-of-concept, many researchers demonstrated their side-channel attacks against OpenSSH application installed on a targeted computer, where an unprivileged… Read more »

Microsoft Releases June 2019 Security Updates to Patch 88 Vulnerabilities

Posted by & filed under Security News.

After Adobe, the technology giant Microsoft today—on June 2019 Patch Tuesday—also released its monthly batch of software security updates for various supported versions of Windows operating systems and other Microsoft products. This month’s security updates include patches for a total of 88 vulnerabilities, 21 are rated Critical, 66 are Important, and one is rated Moderate in severity. The… Read more »

Telegram Suffers ‘Powerful DDoS Attack’ From China During Hong Kong Protests

Posted by & filed under Security News.

Telegram, one of the most popular encrypted messaging app, briefly went offline yesterday for hundreds of thousands of users worldwide after a powerful distributed denial-of-service (DDoS) attack hit its servers. Telegram founder Pavel Durov later revealed that the attack was mainly coming from the IP addresses located in China, suggesting the Chinese government could be… Read more »

Cryptocurrency Firm Hacked Its Customers to Protect Their Funds From Hackers

Posted by & filed under Security News.

Are you using Komodo’s Agama Wallet to store your KMD and BTC cryptocurrencies? Were your funds also un-authorisedly transferred overnight to a new address? If yes, don’t worry, it’s probably safe, and if you are lucky, you will get your funds back. Komodo, a cryptocurrency project and developer of Agama wallet, adopted a surprisingly unique… Read more »

Cybercriminals Competing for Cryptocurrency Mining Foothold

Posted by & filed under Security News.

The Pacha Group is a threat actor discovered by Intezer and profiled in a blog post published on February 28, 2019. Dating back to September 2018 the Pacha Group has deployed undetected crypto-mining malware to infiltrate Linux servers and mine cryptocurrency without user permissions. One of the more notable observations discerned by Intezer researchers was the… Read more »