recentpopularlog in


« earlier   
Welcome to Panel Attack!
Panel Attack is a free, open-source, online multiplayer match-3 puzzle game in the style of Panel de Pon and Tetris Attack. It is built for use on Windows, Mac, or Linux.
computer  videogames  puzzle  pon  multiplayer  clone  panel  tetris  attack  windows  mac  macos  osc  linux  online 
15 hours ago by cla
غارات إسرائيلية تستهدف «تركة» قاسم سليماني في سوريا | الشرق الأوسط
وقال مسؤول غربي لـ«الشرق الأوسط» إن تل أبيب «باتت أكثر قناعة بأن روسيا لم تعد قادرة على ضبط نفوذ إيران في سوريا، لذلك قررت تكثيف القصف رغم تحفظات موسكو».
Mar15  Israel  Iran  attack  Assassination  Quds_Force  IRGC 
2 days ago by elizrael
Lest We Remember: Cold Boot Attacks on Encryption Keys | Center for Information Technology Policy
Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.
security  paper  dram  memory  attack  encryption  infosec 
6 days ago by jabley
New attack on WPA/WPA2 using PMKID
This attack was discovered accidentally while looking for new ways to attack the new WPA3 security standard. WPA3 will be much harder to attack because of its modern key establishment protocol called "Simultaneous Authentication of Equals" (SAE).

The main difference from existing attacks is that in this attack, capture of a full EAPOL 4-way handshake is not required. The new attack is performed on the RSN IE (Robust Security Network Information Element) of a single EAPOL frame.

At this time, we do not know for which vendors or for how many routers this technique will work, but we think it will work against all 802.11i/p/q/r networks with roaming functions enabled (most modern routers).

The main advantages of this attack are as follow:
No more regular users required - because the attacker directly communicates with the AP (aka "client-less" attack)
No more waiting for a complete 4-way handshake between the regular user and the AP
No more eventual retransmissions of EAPOL frames (which can lead to uncrackable results)
No more eventual invalid passwords sent by the regular user
No more lost EAPOL frames when the regular user or the AP is too far away from the attacker
No more fixing of nonce and replaycounter values required (resulting in slightly higher speeds)
No more special output format (pcap, hccapx, etc.) - final data will appear as regular hex encoded string
wifi  wpa  security  attack 
15 days ago by some_hren
Kraken Identifies Critical Flaw in Trezor Hardware Wallets | Kraken Blog
Kraken Security Labs has devised a way to extract seeds from both cryptocurrency hardware wallets offered from industry leader Trezor, the Trezor One and Trezor Model T.  The attack requires just 15 minutes of physical access to the device. via Pocket
IFTTT  Pocket  attack  bitcoin  keys  trezor  wallet 
17 days ago by ChristopherA

Copy this bookmark:

to read