The FBI infiltrated the Hive ransomware gang in the middle of 2022 but was unable to identify the servers. However, it was able to provide free decryption keys to hundreds of victims.

The Austrian authorities noticed a database on the dark web that looked like their own, and it was discovered that with the MD5 hashing algorithm it was too easy to create two files with the same hash. This allowed the hackers to cheat the authentication process. Version 4.17.5 of the software now forces two options.

Code-signing certificates were stolen from GitHub on 07 December 2022. GitHub realised this, and it took them two months to figure out what happened. The only things stolen were code-signing keys, and three of them were still valid. GitHub revoked all the certificates, even though doing so had a knock-on effect on their own code.

An alternative to inventing your own USB-key-based password manager is to buy a portable password manager such as KeePass. These typically have two rows of five or six keys next to each other, and they have a full-disk encryption layer inside the drive enclosure. When the power goes down, the key is flushed from memory and the device is locked again. The downside is that they are more expensive than regular USB keys.

This Cyber News was published on nakedsecurity.sophos.com. Publication date: Fri, 03 Feb 2023 17:59:02 +0000