Friday, 27 July 2012

RSA Research Unit Hunts Cyber-Threats 'That Don't Have Names'

This article reports from the Black Hat conference about new work to detect cyber threats before they attack (when it is too late - see Stuxnet!). There's not a lot of detail but I expect to see a lot more research like this coming to the fore.

Monday, 2 July 2012

Researchers Demonstrate Practical Key Recovery Attack Against Smart Cards & Security Tokens

The story here is that researchers have shown it is now practical to use well known key recovery attacks on smart cards that use old encryption standards. The standards have been known to be vulnerable for some years to a particular attack method - in one case since 1998! The attacks require hundreds of thousands of attempts and so were previously thought to be impractical. But new research and performance improvements have made the cards vulnerable.