Security researcher Anil Kurmus recently demonstrated an attack against Twitter that leveraged a newly released vulnerability in the common data security protocol Secure Sockets Layer (SSL). Kurmus showed that an attacker could exploit the SSL vulnerability to steal the Twitter credentials of a user that was authenticated through HTTPS. The SSL renegotiation bug, as it is termed, was unveiled earlier this month by security researchers at mobile phone authentication vendor PhoneFactor. — AM
The Guardian reports that Chinese threat actors are poised to target encrypted datasets, including intelligence data, as well as pharmaceutical, material, and chemical science research, for future decryption using quantum computers.
The agency is asking for companies and research firms to apply for cooperative research partnerships with the government to help develop technology and tools that would inform a “roadmap” the agency is devising to guide businesses and agencies on implementation.