M32 Security » RSA http://m32consulting.com Network Security Info, News, and Resources Sun, 22 Jan 2012 23:37:02 +0000 en hourly 1 Conficker: The Proactive Worm Ahead Of The Curvehttp://m32consulting.com/2010/08/conficker-the-proactive-worm-ahead-of-the-curve/?utm_source=rss&utm_medium=rss&utm_campaign=conficker-the-proactive-worm-ahead-of-the-curve http://m32consulting.com/2010/08/conficker-the-proactive-worm-ahead-of-the-curve/#comments Sun, 08 Aug 2010 19:26:15 +0000 Kyle http://m32consulting.com/?p=152 An interesting article over at The Register shows how the now infamous ~6 million strong Conficker botnet/worm stays ahead of the curve in terms of Information Security by staying proactive and paranoid in how it is managed. Although the classification of the worm only goes from A through E, the botnet itself is ever-evolving; creating a nightmare for researchers world-wide in detection and cleansing of infected machines. It is unknown who runs the botnet, but it is known that the technical skill behind its command is very much on the bleeding-edge of security as well as social engineering. For instance, the worm uses simple exploits to infect Windows machines, but it phones home to domain names which can no longer be predicted and shut-down to receive new instructions and updates to the code that infects the machine. It has used scareware in the past to spread as well, such as bogus security software. It has even gone so far as to actually remove or fix other security threats on an infected machine to avoid detection. It constantly stays up-to-date and often mitigates even the newest anti-malware tools designed to remove it.

What makes it so hard to remove is its inability to be cracked. It has used the MD6 cryptographic hash function that was a candidate for the NIST SHA-3 Hash Competition with a 4096-bit RSA key. Even when a buffer-overflow vulnerability was discovered in MD6, the botnet’s owner corrected the implementation within a matter of days. There is an entire working group called The Conficker Working Group tasked entirely to the botnet, which has yet to break-in and take any sort of control away from whoever runs it.

In-depth article at The Register

Tags: , , , , , , , , , , , ,
]]> http://m32consulting.com/2010/08/conficker-the-proactive-worm-ahead-of-the-curve/feed/ 0 IBM Creates Algorithm For Fully Homomorphic Encryptionhttp://m32consulting.com/2009/10/ibm-creates-algorithm-for-fully-homomorphic-encryption/?utm_source=rss&utm_medium=rss&utm_campaign=ibm-creates-algorithm-for-fully-homomorphic-encryption http://m32consulting.com/2009/10/ibm-creates-algorithm-for-fully-homomorphic-encryption/#comments Sun, 04 Oct 2009 05:22:45 +0000 Kyle http://m32consulting.com/?p=47 IBM has claimed that it has made a breakthrough in data security that could potentially usher in a new era of manipulation of sensitive encrypted data without revealing what the data actually is. The idea isn’t new, Ronald Rivest (the R in RSA) thought it up thirty years ago; thinking it to be too infeasible to ever implement. The future implications on data security are very promising to say the least.

Read the whole story over at SmartPlanet

Tags: , , , , , , , , , , , ,
]]> http://m32consulting.com/2009/10/ibm-creates-algorithm-for-fully-homomorphic-encryption/feed/ 0