Keys

  • Blog
    digitpatrox2 weeks ago
    41

    New Crocodilus malware steals Android users’ crypto wallet keys

    A newly discovered Android malware dubbed Crocodilus tricks users into providing the seed phrase for the cryptocurrency wallet using a warning to back up the key to avoid losing access. Although Crocodilus is a new banking malware, it features fully developed capabilities to take control of the device, harvest data, and remote control. Researchers at fraud prevention company ThreatFabric say that the malware…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    42

    Millions of RSA encryption keys could be vulnerable to attack

    Millions of RSA encryption keys contain major flaws, making them vulnerable to attack, according to new research. Analysis from Keyfactor found around 1 in 172 of all certificates found online are susceptible to compromise through a mathematical attack, equating to potentially millions of keys. The vulnerability mainly affects Internet of Things (IoT) devices, but is a risk for any system…

    Read More »
  • Blog
    digitpatrox4 weeks ago
    201

    New Akira ransomware decryptor cracks encryptions keys using GPUs

    Security researcher Yohanes Nugroho has released a decryptor for the Linux variant of Akira ransomware, which utilizes GPU power to retrieve the decryption key and unlock files for free. Nugroho developed the decryptor after being asked for help from a friend, deeming the encrypted system solvable within a week, based on how Akira generates encryption keys using timestamps. The project…

    Read More »
  • Blog
    digitpatroxMarch 7, 2025
    49

    12,000 API keys and passwords were found in a popular AI training dataset – experts say the issue is down to poor identity management

    The discovery of almost 12,000 valid secrets in the archive of a popular AI training dataset is the result of the industry’s inability to keep up with the complexities of identity management, experts have told ITPro. Researchers at Truffle Security found nearly 12,000 ‘live’ API keys and passwords when analysing the Common Crawl archive used to train open source LLMs…

    Read More »
  • Blog
    digitpatroxMarch 3, 2025
    55

    Rubrik rotates authentication keys after log server breach

    Rubrik disclosed last month that one of its servers hosting log files was breached, causing the company to rotate potentially leaked authentication keys. The company has confirmed to BleepingComputer that the breach was not a ransomware incident and that it did not receive any communication from the threat actor. Rubrik is a cybersecurity company that specializes in data protection, backup,…

    Read More »
  • Blog
    digitpatroxFebruary 6, 2025
    292

    Microsoft says attackers use exposed ASP.NET keys to deploy malware

    Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. As Microsoft Threat Intelligence experts recently discovered, some developers use ASP.NET validationKey and decryptionKey keys (designed to protect ViewState from tampering and information disclosure) found on code documentation and repository platforms in their own software. However, threat actors also use…

    Read More »
  • Blog
    digitpatroxJanuary 4, 2025
    181

    Malicious npm packages target Ethereum developers’ private keys

    Twenty malicious packages impersonating the Hardhat development environment used by Ethereum developers are targeting private keys and other sensitive data. Collectively, the malicious packages have recorded more than one thousand downloads, researchers say. Narrow targeting campaign Hardhat is a widely used Ethereum development environment maintained by the Nomic Foundation. It is used for developing, testing, and deploying smart contracts and decentralized…

    Read More »
  • Blog
    digitpatroxDecember 6, 2024
    131

    Seven Tricks to Help You Stop Losing Your Phone (and Wallet, and Keys)

    We may earn a commission from links on this page. According to a recent survey, Americans lose five things every month and spend about 17 hours searching for those things every year. If you lose your keys, wallet, or phone on a regular basis, you’re not alone. And while repeatedly losing items can be a sign of conditions such as…

    Read More »
  • Blog
    digitpatroxNovember 10, 2024
    146

    Malicious PyPI package with 37,000 downloads steals AWS keys

    A malicious Python package named ‘fabrice’ has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. According to application security company Socket, the package has been downloaded more than 37,000 times and executes platform-specific scripts for Windows and Linux. The large number of downloads is accounted by fabrice typosquatting the legitimate SSH remote server…

    Read More »
  • Blog
    digitpatroxOctober 23, 2024
    136

    AWS, Azure auth keys found in Android and iOS apps used by millions

    Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS) and Microsoft Azure Blob Storage, exposing user data and source code to security breaches. Exposing this type of credentials can easily lead to unauthorized access to storage buckets and databases with sensitive user data. Apart from this, an attacker could use…

    Read More »
Load More
Back to top button
close