We’ve succesfully conducted a fault attack against EdDSA that allowed us to recover enough secret key material to produce fake signatures for any message in a way a verifier cannot detect.
Tag: Security
A perspective on the state of the SSLiverse as of early 2016
tl;dr; Most studies about SSL tend to use SSL information retrieved by DNS domain names. This article provides an overview of the SSLiverse when SSL
Sphinx Moth: Expanding our knowledge of the “Wild Neutron” / “Morpho” APT
The Kudelski Security Cyber Fusion Center together with the KS-CERT has been monitoring and investigating the “Sphinx Moth” threat activity since mid-2014. When Kaspersky and
Knock knock. Who’s there? Not me.
tl;dr; Port scanning the entire IPv4 address space daily for months at a time generates a lot of very juicy data — and more than a
31c3 – A New Dawn
Co-authored by meatwad and adr13n We attended the 31c3 — a New Dawn conference which took place in Hamburg, Germany from the 27th of December 2014
OpenSSH hardening for cloud machine – part 1
SSH is often required to access Linux machines that run on the Cloud infrastructure. SSH is perfect to keep confidentiality and integrity of data exchanged between two
