Communications of the ACM
NIST Post-Quantum Cryptography Candidate Cracked
It took researchers in Belgium just an hour to crack the SIKE cryptographic algorithm.
From ACM NewsAn edited collection of advanced computing news from Communications of the ACM, ACM TechNews, other ACM resources, and news sites around the Web.
From ACM TechNews
New Attack Method to Bypass Popular Web Application Firewalls
Researchers devised a method that could be used by attackers to access sensitive business and customer information by bypassing Web application firewalls to infiltrate...
From ACM TechNews
CISA Warns of Critical Vulnerabilities in Industrial Control System Software
Industrial Control Systems advisories from the U.S. Cybersecurity and Infrastructure Security Agency focus on vulnerabilities in software from ETIC Telecom, Nokia...
From ACM TechNews
IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
Researchers at FortiGuard Labs reported that an Internet of Things (IoT) botnet malware identified in mid-June has been evolving rapidly.
From ACM TechNews
Gootkit Loader Resurfaces with Updated Tactic to Compromise Targeted Computers
Researchers have found the operators of the Gootkit access-as-a-service malware now are using legal documents to get unsuspecting users to download them.
From ACM TechNews
Experts Uncover 'CosmicStrand' UEFI Firmware Rootkit Used by Chinese Hackers
Rootkit hides in firmware images of Gigabyte or ASUS motherboards, all related to designs using the H81 chipset.
From ACM TechNews
'Retbleed' Speculative Execution Attack Affects AMD, Intel CPUs
The "Retbleed" flaw targets older AMD and Intel central processing units as a channel for Spectre-based speculative-execution attacks.
From ACM TechNews
Multiple Backdoored Python Libraries Caught Stealing AWS Secrets, Keys
Packages found in the official third-party software repository include loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils.
From ACM News
MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched
The vulnerability is rooted in pointer authentication codes.
From ACM TechNews
Brokenwire Hack Could Let Remote Attackers Disrupt Electric Vehicle Charging
Researchers have identified a method for attacking the Combined Charging System and interrupting electric vehicle charging sessions.
From ACM TechNews
Flaws Discovered in Cisco's Network Operating System for Switches
Technology conglomerate Cisco has issued software patches to correct four security flaws that hackers could exploit to commandeer affected systems.
From ACM TechNews
Critical Wormable Security Flaw Found in Several HP Printer Models
F-Secure Labs researchers reported two eight-year-old vulnerabilities affecting 150 HP multifunction printers could be exploited to commandeer target devices.
From ACM News
Hackers Turning to 'Exotic' Programming Languages for Malware Development
For example, earlier this year, enterprise security firm Proofpoint discovered new malware written in Nim and Rust.
From ACM News
Cybersecurity Executive Order 2021: What It Means for Cloud and SaaS Security
Understanding the fundamentals of the White House Executive Order on Improving the Nation's Cybersecurity.
From ACM News
Poor Password Security Led to Recent Water Treatment Facility Hack
The breach involved an unsuccessful attempt by an adversary to increase sodium hydroxide in the water supply to dangerous levels via the water treatment plant's...
From ACM TechNews
Hackers-For-Hire Group Develops 'PowerPepper' In-Memory Malware
Kaspersky cybersecurity researchers revealed a previously undiscovered in-memory Windows backdoor for executing remote malware and stealing data.
From ACM TechNews
Hackers Targeting IoT Devices With a P2P Botnet Malware
Qihoo 360's Netlab security team has discovered the HEH Botnet, which hijacks Internet-connected smart devices to carry out nefarious tasks.
From ACM TechNews
Flaws in Top Antivirus Software Could Make Computers More Vulnerable
CyberArk researcher Eran Shimony has revealed security vulnerabilities in popular antivirus solutions.
From ACM TechNews
Critical Flaws Discovered in Popular Industrial Remote Access Systems
Researchers found critical defects in two popular industrial remote access systems that attackers could exploit.
From ACM News
Researchers Crack 1024-Bit Rsa Encryption in Gnupg Crypto Library
A team of researchers found that the "left-to-right sliding window" method used by the libgcrypt library for carrying out the mathematics of cryptography leaks...
From ACM Opinion