Skip to content
I T S S
  • Welcome
  • Hardware
  • Internet
  • Networking
  • Security
  • Data Recovery
  • Support
  • Contact
  • Webmail

A Nice Little Cryptography Primer

By itss | 28/06/2021
0 Comment

Pun Intended.

Category: Technology
Post navigation
← pfSense / Wireguard / Bad Code / Close Call Why Quake3 was so fast : Fast Inverse Square Root →

Recent Posts

  • Hardware Exploits?
  • Why Quake3 was so fast : Fast Inverse Square Root
  • A Nice Little Cryptography Primer
  • pfSense / Wireguard / Bad Code / Close Call
  • Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur)

Slashdot

News for nerds

  • ShinyHunters Hacked 100+ Organizations By Exploiting an Oracle PeopleSoft 0-Day
    by BeauHD on 12/06/2026 at 9:20 pm

    ShinyHunters claims it exploited a critical Oracle PeopleSoft zero-day to compromise more than 100 organizations, including the University of Nottingham, where it says it stole 40GB of student and billing data. "ShinyHunters posted the UK university on its data leak site on Tuesday before publishing the stolen files later that same day, presumably because the school refused to pay the extortion demand," reports The Register. From the report: "University of Nottingham on our leak site is one of the first publicly confirmed incidents," a ShinyHunters spokesperson told us. "We have only just started outreach to affected orgs and are actively looking to reach an agreement with affected orgs." They didn't say when they planned to post the other 100 or so claimed victims. A Google threat intelligence report published Thursday afternoon corroborated ShinyHunters' claims to have compromised more than 100 organizations. Google said it spotted malicious activity, "consistent with the exploitation of CVE-2026-35273," between May 27 and June 9, and notified more than 100 global orgs "whose IP addresses correlated with potentially vulnerable endpoints." Most of these, we're told, are based in the US and 68 percent are in the higher-education sector. Oracle has released a "patch availability document," but it's unclear whether a patch is currently available. Read more of this story at Slashdot.

  • Google Sues Chinese Cybercrime Operation That Used Gemini AI To Send Scam Texts
    by BeauHD on 12/06/2026 at 8:00 pm

    An anonymous reader quotes a report from TechCrunch: Google is suing to dismantle the infrastructure behind an alleged massive AI-powered cybercrime operation. On Friday, the tech giant announced a lawsuit against an alleged Chinese cybercrime network called Outsider Enterprise, which Google says uses AI in its campaigns to send scam text messages impersonating Google and other brands to steal passwords and credit card numbers. Outsider Enterprise has financially scammed "hundreds of thousands of victims" with losses "estimated in the millions." The group deployed 9,000 fake websites, 1 million fraudulent web domains, and 2.5 million texts sent to Android users in a two-week period, according to Google. "55,000 spam texts were flagged by Android users in just two weeks this past May -- that's more than two text spam complaints a minute," Google said. Google said it uses "AI-powered tools to fight AI-powered scams", which enable the company to detect scams and alert users of suspicious calls and text messages, leading to the interception of more than 10 billion scam messages a month. The company said it has been collaborating with AT&T, T-Mobile, and Verizon to block the scam text messages and said it is coordinating with the FBI, which is taking unspecified law enforcement actions. Read more of this story at Slashdot.

  • Touchscreen Macbook '100% Confirmed,' Says Reputable Leaker
    by BeauHD on 12/06/2026 at 7:00 pm

    A leaker with a strong Apple rumor track record says a touchscreen MacBook is "100% confirmed. If true, it would mark a major reversal for Apple, which has long argued that the Mac is built for indirect input rather than reaching up to touch a vertical screen. MacRumors reports: Instant Digital has a good track record for Apple rumors and has provided some strikingly accurate information in the past, so it's always worth noting what they have to say about Apple's plans. The claim is also backed by several recent reports. [...] Touchscreen support is expected to be one of several major upgrades coming to Apple's next-generation high-end MacBook Pro models. Other rumored features include M6 Pro and M6 Max chips, an OLED display, a Dynamic Island (i.e., no notch), and a thinner design. The new laptops could also adopt MacBook Ultra branding. Notably, macOS 27 Golden Gate also introduces a more touch-friendly interface, since Apple's Sidecar feature now allows users to tap and interact with macOS interface elements using a finger on their iPad. Apple apparently is not going to advertise the new MacBook Pro/Ultra as a touch-first device like the iPad -- it will be "touch-friendly, not touch-first," according to [Bloomberg's Mark Gurman]. In that sense, Apple will let customers use touch and mouse gestures interchangeably for all functions. Further reading: Steve Jobs Was Wrong About Touchscreen Laptops (2012) Read more of this story at Slashdot.

  • Microsoft Surface Flaw Allowed Unprotected Devices To Be Bricked By a Single Packet
    by BeauHD on 12/06/2026 at 6:00 pm

    Longtime Slashdot reader Dotnaught shares a report from The Register: For the past 90 days, Microsoft has been quietly patching a firmware flaw in Surface devices that allowed the hardware to be bricked with a single packet, though only for those who have disabled Secure Core and Secure Boot. And the company's Copilot AI software inadvertently helped identify the faulty firmware. According to Jack Darcy, a security researcher based in Australia, his instance of Microsoft Copilot stumbled across the bug after being asked to adjust the screen backlighting on a Surface device. The Copilot-conjured Python script ended up rendering the researcher's laptop inoperable by overwriting the embedded controller firmware. "Copilot autonomously created and executed four progressively aggressive Python scripts during a probe for backlight control values that sent raw SSAM ioctl commands (SSAM_CDEV_REQUEST = 0xC028A501) directly to the SAM microcontroller through the SAM software path," Darcy explained to The Register. [...] "We appreciate the work of Jack Darcy and The Register for reporting this issue under a coordinated vulnerability disclosure," a Microsoft spokesperson said in a statement. "Our investigation found that a deprecated UEFI interface could trigger a boot loop on some devices. To trigger this loop, the user must have administrator privileges and have already disabled the Secure Boot security feature. We have released updates to address the issue for most impacted devices." That means managed devices are not at risk. But those using Linux, or Windows users who have disabled Secure Core and Secure Boot for gaming, or who use custom Windows drivers, or who have USB boot enabled, may still be vulnerable if their systems haven't received the update. We're uncertain about the range of Surface devices affected. Our source said it appears to be all of them (Surface Laptops 3-6, Surface Book 1-3) except for Surface Go models. ARM variants, however, have not been tested. The report notes that Microsoft is planning to move the Surface stack to a more secure architecture based on Rust code. "Our most recent Surface for Business hardware features a major architectural shift in terms of improved reliability and security that spans our embedded controller, UEFI, but also some of our drivers," said David Abzarian, chief architect for Microsoft Surface. "We're investing in the most secure foundation for a PC by building our embedded controller firmware from the ground up in Rust (as part of leveraging and contributing to the Open Device Partnership (ODP)) in addition to a rewrite of the UEFI DXE Core in Rust; these projects are known as Secure EC and Project Patina respectively." "We're also not only shipping some of our drivers written in Rust, but also helping co-develop the framework Windows Drivers in Rust (WDR) to help enable a broad set of partners in the Windows ecosystem to capitalize on these benefits. I will also note that all of these efforts are open-source promoting one of our key security principles around transparency." Read more of this story at Slashdot.

  • Sam Bankman-Fried Loses Bid To Overturn Crypto Fraud Conviction
    by BeauHD on 12/06/2026 at 5:00 pm

    Sam Bankman-Fried lost his appeal to overturn his FTX fraud conviction and 25-year sentence. Reuters reports: In a unanimous decision, a three-judge panel of the Manhattan-based 2nd U.S. Circuit Court of Appeals said prosecutors' evidence against Bankman-Fried "was, conservatively stated, robust." "While he was publicly reassuring customers, investors and regulators that FTX customer funds were safe, he was simultaneously using FTX as his own personal piggy bank, spending customer funds on real estate, political contributions, and investments," Circuit Judge Barrington Parker wrote on behalf of the panel. Bankman-Fried's lawyers did not immediately respond to a request for comment. They may next ask all the active judges on the 2nd Circuit to hear the case, or ask the U.S. Supreme Court to take up the case. Bankman-Fried is also seeking a pardon from President Donald Trump, according to the Justice Department's Office of the Pardon Attorney. Bankman-Fried was sentenced to 25 years in prison in 2024 for "masterminding one of the largest financial frauds in American history," wrote US District Judge Lewis Kaplan. He was convicted on all charges, including wire fraud, conspiracy to commit securities fraud, commodities fraud, and money laundering. Read more of this story at Slashdot.

  • Infineon to Open German Chip Fab as Part of EU Sovereignty Push
    by BeauHD on 12/06/2026 at 4:00 pm

    Infineon is set to open a $5.8 billion power-chip fab in Dresden on July 2, backed by about $1.1 billion in EU Chips Act subsidies. The plant will make power semiconductors for AI data centers and could eventually add up to $5.8 billion in annual revenue as demand for AI infrastructure strains global electricity systems. Bloomberg reports: Infineon, traditionally a chipmaker for the automotive industry, has increasingly benefited from soaring demand for power chips used in AI data centers, which will be produced at the new facility. "The AI data centers currently being built and planned around the world will consume twice as much electricity in 2030 as they do today," [said Chief Operating Officer Alexander Gorski]. "That's as much as the entire Federal Republic of Germany." Chip production at the Dresden fab will be scaled over time depending on demand, potentially adding as much as 5 billion euros in revenue per year, Gorski said, declining to comment on when full capacity will be reached. The company has invested around 2 billion euros on construction and the remaining amount will be spent over time to add more machines to the fab, he added. The new facility is "a key catalyst," Bank of America analysts including Didier Scemama wrote in a note last week. Demand from Al customers is materially above Infineon's current capacity, they said, adding the imbalance could improve in the 2027 and 2028 financial years. The analysts raised their Al power revenue forecast for the company by 500 million euros to 4.5 billion euros for 2028. Infineon expects data center-related revenue to rise from around 1.5 billion euros in fiscal 2026 -- roughly 10% of sales -- to 2.5 billion euros in 2027, it said last month. The hundreds of billions of dollars being invested in AI are driving the rapid expansion of data center capabilities around the world. Infineon doesn't produce advanced AI chips, like those designed by Nvidia. But the power semiconductors it plans to produce in Dresden are still needed for AI infrastructure. Read more of this story at Slashdot.

Archives

  • September 2022
  • November 2021
  • June 2021
  • March 2021
  • November 2020
  • October 2020
  • September 2020
  • February 2020
  • January 2020
  • October 2019
  • August 2018
  • July 2018
  • April 2018
  • February 2018
  • January 2018
  • December 2017
  • October 2017
  • September 2017
  • August 2016
  • July 2016
  • March 2016
  • February 2016
  • August 2015
  • May 2015

Categories

  • Innovation
  • Security
  • Software
  • Technology

Tags

backdoor cisco coding json laziness patterns public information announcement security vulnerability
© 2017 IT Sales & Services Ltd
Quality IT solutions in Tanzania since 2010
Iconic One Theme | Powered by Wordpress