November 29, 2023 | International, Defence and Security
A new report reveals an ongoing Android malware campaign targeting Iranian banks with over 200 malicious apps.
https://thehackernews.com/2023/11/200-malicious-apps-on-iranian-android.html
September 11, 2023
Et si des pirates informatiques pouvaient causer l'écrasement d'un avion? Prendre le contrôle d'un drone militaire, interférer avec un satellite ou accéder aux informations de la chaîne d'approvisionnement d'une entreprise aérospatiale? Ces scénarios peuvent sembler futuristes, mais la réalité est que certains d'entre eux se produisent déjà à l'heure actuelle
May 26, 2023
On February 7, 2023, the National Institute of Standards and Technology (NIST) in the United States announced its selection for the standardization of lightweight cryptography (LWC). The winner is the Ascon lightweight family of algorithms, which includes mechanisms that can perform authenticated encryption with associated data (AEAD) as well as cryptographic hashing. Ascon was initially designed in 2014 by European cryptographers from Graz University of Technology, Infineon Technologies, Lamarr Security Research and Radboud University. NIST initiated its selection process to standardize LWC algorithms in 2018 and conducted significant analysis of submissions over several years and multiple rounds. NIST plans to publish the standard later in 2023. Although this announcement is an important step towards standardization, the Cyber Centre continues to advise organizations to wait until the final standard is published and further guidance is released before using this suite of algorithms for secure communication and data storage. It is important to note that lightweight algorithms are designed for constrained use cases and are not recommended for general use applications. We continue to recommend AES with GCM or CCM for AEAD and the SHA2/3 families for hashing in our guidance for cryptographic algorithms (ITSP.40.111). About lightweight cryptography In our National Cyber Threat Assessment 2023-2024, we noted that the rapid expansion of Internet-connected operational technology and smart systems is an evolving cyber security risk. These systems include small devices, such as Internet of things devices, which have limited resources and for which traditional cryptographic algorithms may be an operational burden. This is where LWC comes in. LWC has the potential to improve the cyber security of small devices with unique cryptography needs. Whereas traditional cryptography can be very efficient in servers, personal computers and smart phones, LWC offers a solution that reduces the resource requirements of cryptography. These algorithms, while being cryptographically secure, are designed to run efficiently in hardware constrained by physical size and power as well as in software limited by memory and code size. Examples include contactless smart cards, radio frequency identification devices, healthcare devices, distributed control systems, cyber physical systems and so on. https://www.cyber.gc.ca/en/news-events/nist-announces-lightweight-cryptography-selection
March 3, 2024
Cybersecurity researchers have discovered a new variant of the BIFROSE remote access trojan targeting Linux systems, employing deceptive domains to mi