NIST has finalized a lightweight cryptography standard to protect small networked devices like IoT, RFID tags, and medical implants.
The standard, titled 'Ascon-Based Lightweight Cryptography Standards for Constrained Devices (NIST Special Publication 800-232)', is designed for resource-constrained electronics.
The standard is built around the Ascon family of cryptographic algorithms, selected after a public review process.
Ascon was developed in 2014 and emerged as a top choice in the 2019 CAESAR competition.
Four Ascon variants are included, focusing on authenticated encryption (AEAD) and hashing for different use cases.
ASCON-128 AEAD provides encryption and data authenticity, with resistance to side-channel attacks.
ASCON-Hash 256 creates short 'fingerprint' hashes to ensure data integrity, useful for software updates and digital signatures.
ASCON-XOF 128 and ASCON-CXOF 128 allow adjustable hash sizes, saving time and energy for small devices.
ASCON-CXOF 128 also supports custom labels to prevent hash collisions in multiple devices.
NIST aims for the standard to be expandable, with potential future additions like a dedicated message authentication code.
Millennials (55%) and Boomers (59%) still rely on memory or pen and paper for password management.
Gen Z leads in password manager adoption, showing awareness of cybersecurity risks.
Security experts recommend standalone password managers (e.g., Bitwarden) over browser-based options due to superior security, usability, and cross-platform compatibility.
Browser-based password managers pose risks as they are tied to browser accounts, making them vulnerable if login details are compromised.
Experts advise against browser-based password managers due to historical security concerns and lack of robust protection.
Built-in password managers (e.g., Google Password Manager, Safari) are device-specific and lack cross-platform functionality.
Dedicated password managers offer zero-knowledge encryption, ensuring only the user can decrypt their data.
Browser-based solutions often lack advanced features like password generation, breach alerts, and secure sharing.
Only 36% of American adults use password managers, with many avoiding them due to misconceptions about usability.
Dedicated password managers provide enhanced security, universal compatibility, advanced features, and business continuity.
Embedded Linux systems often use Weston as a Wayland compositor for window management.
Qt applications typically run as Wayland clients, with Weston composing their windows into a single display.
Running Qt applications as root violates the cybersecurity principle of least privilege, a concern highlighted by the EU Cyber Resilience Act (EU CRA).
The issue stems from permissions on the Wayland socket file `/run/wayland-0`, which restricts communication to root or the `weston` user.
Two potential solutions are proposed: running applications as the `weston` user or adjusting socket permissions to include other users.
A detailed approach involves modifying Yocto recipes to ensure Weston and Qt applications run as non-root users, with static user IDs for consistency.
The solution includes changes to `weston.service`, `weston.socket`, and the creation of an environment file `/etc/default/weston-client` for shared settings.
This ensures Wayland clients and server use the same socket file name, enhancing system security and compliance with EU CRA.
Tom Artiom Alexandrovich, an Israeli government cybersecurity official, was arrested in Las Vegas for allegedly attempting to sexually prey on a child.
Alexandrovich, 38, faces felony charges and was released on $10,000 bail, returning to Israel afterward.
He was identified as the executive director of the Israel Cyber Directorate, a government agency under Prime Minister Benjamin Netanyahu’s office.
Alexandrovich had attended the Black Hat Briefings cybersecurity conference in Las Vegas before his arrest.
His LinkedIn page, which referenced the conference and cybersecurity trends, was later deleted.
Israeli officials downplayed the incident, stating it had 'no political implications' and was resolved quickly.
Alexandrovich was placed on leave from the Cyber Directorate by 'mutual decision'.
Netanyahu’s office denied that Alexandrovich was arrested, claiming he was only questioned and returned to Israel as scheduled.
The arrest was part of a sting operation by Nevada’s internet crime against children taskforce, which also nabbed seven other men, including a local pastor.
Under Nevada law, the charges against Alexandrovich could carry a prison sentence of one to 10 years.
XBOW's integration of GPT-5 into its autonomous penetration testing platform significantly enhanced performance, doubling exploit discovery rates.
OpenAI initially assessed GPT-5's cybersecurity capabilities as modest, but XBOW's platform unlocked its hidden potential, showing superior performance in real-world tests.
GPT-5-powered agents found vulnerabilities more consistently and efficiently, reducing false positives and improving exploit quality.
The XBOW platform provides specialized tools, teamwork among agents, and a central coordinator, enabling GPT-5 to excel beyond isolated model performance.
GPT-5's advanced reasoning and ambitious command sequences allow it to combine exploration and exploitation effectively, setting it apart from previous models.
The collaboration between advanced AI models like GPT-5 and specialized systems like XBOW represents the future of offensive cybersecurity, delivering scalable and effective solutions.
LLMs and coding agents are expanding the attack surface in cybersecurity, introducing new vulnerabilities.
Prompt injection attacks exploit LLMs' cognitive gaps, leading to unintended actions by the system.
Coding agents, with their high levels of autonomy, pose significant security risks by executing malicious code unknowingly.
Techniques like ASCII Smuggling and hidden malicious prompts in repositories can bypass human detection but are executed by LLMs.
Remote Code Execution (RCE) attacks can give attackers complete control over systems, leading to data theft or system compromise.
The Nvidia researchers demonstrated numerous ways to exploit LLM-based coding agents, highlighting the infinite potential for attacks.
Nathan Hamiel's RRT (Refrain, Restrict, Trap) strategy suggests mitigating risks by limiting LLM use in critical scenarios and monitoring inputs/outputs.
Exploits in developer tools like CodeRabbit show how attackers can gain access to millions of repositories, posing massive security threats.
Despite patches for some vulnerabilities, the sheer variety and complexity of attacks make comprehensive security challenging.
The seductive efficiency of agentic coding tools may lead developers to overlook security, risking widespread system compromises.
Chinese cyberattacks, like 'Salt Typhoon,' have deeply penetrated U.S. telecommunications networks, enabling espionage on American communications.
China's cyber dominance extends beyond espionage, with malware pre-positioned in U.S. critical infrastructure (energy, water, transport) for potential sabotage.
Structural differences between China's authoritarian cyberdefense and U.S. democratic approach leave American infrastructure vulnerable to attacks.
China's 'Great Firewall' not only censors but also defends against cyber threats, giving it a strategic advantage over the U.S.
U.S. critical infrastructure, managed by private entities with minimal government oversight, lacks uniform cybersecurity standards, making it an easy target.
China's cyber pre-positioning in dual-use systems (water, power, telecoms) could disrupt civilian life and military operations during crises like a Taiwan conflict.
The U.S. struggles with deterrence in cyberspace due to inadequate defenses and unclear retaliation capabilities against China's offensive operations.
AI-powered 'digital twins' of critical infrastructure could help the U.S. simulate attacks, identify vulnerabilities, and improve cyberdefenses proactively.
The U.S. must enhance offensive cyber-capabilities and clarify redlines to deter China, alongside improving public-private collaboration on cybersecurity.
Without urgent action, AI advancements could further widen China's cyber advantage, undermining U.S. national security and global democratic resilience.