Archive | Cryptography


15 November 2011 | 20,400 views

Private Signed Certificate From Malaysian Government Used To Spread Malware

It wasn’t too long ago (about 6 months) when we reported about Malaysia Government Sites Under Attack From Anonymous – which was somewhat suspicious. And well that’s about the only story we’ve had about Malaysia really. Perhaps that incident and spate of attacks and intrusions had something to do with this most recent story, the [...]

Continue Reading


06 October 2011 | 9,740 views

CIAT – The Cryptographic Implementations Analysis Toolkit

The Cryptographic Implementations Analysis Toolkit (CIAT) is a compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable). It is particularly helpful in the forensic analysis and reverse engineering of malware using cryptographic code and encrypted payloads. This was [...]

Continue Reading


16 August 2011 | 11,939 views

Mediggo – Tool To Detect Weak Or Insecure Cryptosystems Using Generic Cryptanalysis Techniques

Mediggo is an opensource cryptanalysis library. This library implements generic cryptanalysis techniques to detect weak or insecure cryptosystems or learn and practice with cryptanalysis. This library is open source (LGPL licence) and written in C programming language. Samples and test cases are provided with each techniques: the solution is not always given to make people [...]

Continue Reading


07 June 2011 | 11,618 views

RSA Finally Admits 40 Million SecurID Tokens Have Been Compromised

Well we did say assume SecurID was broken back in March when we wrote – RSA Silent About Compromise For 7 Days – Assume SecurID Is Broken. With the recent news Lockheed Martin Hacked – Rumoured To Be Linked to RSA SecurID Breach and another US Military sub-contractor compromised through SecurID tokens – RSA have [...]

Continue Reading


31 May 2011 | 7,256 views

Lockheed Martin Hacked – Rumoured To Be Linked to RSA SecurID Breach

You all probably remember the big kerfuffle that occurred after RSA got hacked, it was widely assumed that the SecurID system was compromised somehow and could not be relied on. We reported about it in the article – RSA Silent About Compromise For 7 Days – Assume SecurID Is Broken – where we questioned their [...]

Continue Reading


20 May 2011 | 12,087 views

Google Proposes Way To Speed Up SSL Handshake

I’m always interesting when it comes to cryptography and cryptographic trickery. We all know, the main problem with SSL is speed – it can really slow your surfing experience down and for most people it annoys them enough to just not use it. Google researchers claim they’ve devised a way to reduce that painful wait [...]

Continue Reading


02 May 2011 | 8,527 views

sslsnoop v0.6 – Dump Live Session Keys From SSH & Decrypt Traffic On The Fly

sslsnoop dumps live session keys from openssh and can also decrypt the traffic on the fly. Works if scapy doesn’t drop packets. using pcap instead of SOCK_RAW helps a lot now. Works better on interactive traffic with no traffic at the time of the ptrace. It follows the flow, after that. Dumps one file by [...]

Continue Reading


25 March 2011 | 8,605 views

RSA Silent About Compromise For 7 Days – Assume SecurID Is Broken

About a week ago we tweeted about the “Open Letter” from RSA to customers, a rather vague letter. If you haven’t read it yet, you can do so here. To summarise, they basically said “Recently, our security systems identified an extremely sophisticated cyber attack in progress being mounted against RSA. [...] Our investigation also revealed [...]

Continue Reading


28 January 2011 | 10,205 views

Happy New Year Geohot – Court Orders Seizure Of PS3 Hacker’s Computers

We published the story about the Playstation 3 (PS3) Finally Hacked & Exploit Released back in January 2010. The exploit of course developed by the very prolific hacker and jailbreaker extraordinaire Geohot. He became notorious way back in 2007 by fulling unlocking the iPhone and then again in 2008 by jailbreaking the iPhone running 1.12 [...]

Continue Reading


06 January 2011 | 18,431 views

Researchers Hack Mobile Calls On GSM Network

Gotta love a bit of hardware hacking in the new year, this Karsten Nohl guy has been busy lately – he recently exposed Car Immobilisers Using Weak Encryption Schemes and more relevant to this article we’ve written about him and GSM Hacking Coming To The Masses Script Kiddy Style before. This kind of GSM snooping [...]

Continue Reading