Tag Archives: Data protection

image_pdfimage_print

Europol Data Breach: A Detailed Analysis

Europol office showing a security breach alert on a computer screen, with agents discussing in the background.

Security Breach at Europol: IntelBroker’s Claim and Agency’s Assurance on Data Integrity

Europol Data Breach: Europol has confirmed that its web portal, the Europol Platform for Experts (EPE), has been affected by a security breach. Although the agency assured that no operational data had been compromised, the cybercriminal group IntelBroker has claimed responsibility for the attack.

2024 Digital Security

Why Encrypt SMS? FBI and CISA Recommendations

2024 Digital Security

French Minister Phone Hack: Jean-Noël Barrot’s G7 Breach

2024 Digital Security

Cyberattack Exploits Backdoors: What You Need to Know

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

Europol Data Breach Revelation. Stay updated with our latest insights.

Europol Data Breach: The Alarming European Cyber ​​Threat, by Jacques Gascuel, the innovator behind advanced security and safety systems for sensitive data, provides an analysis of the crucial role of encryption in this cyber attack..

May 2024: Europol Security Breach Highlights Vulnerabilities

In May 2024, Europol, the European law enforcement agency, actively confirmed a security breach. This incident sparked significant concern among security experts and the public. The threat actor, known as IntelBroker, claimed to have compromised Europol’s web portal, potentially jeopardizing internal and possibly classified data. Following this confirmed breach, Europol’s cyber security has been rigorously tested. The cybercriminal group took responsibility for the intrusion, underscoring potential vulnerabilities within the European agency.

Transitioning to the platform at the heart of this incident, what exactly is the EPE platform? The Europol Platform for Experts (EPE) is an online tool utilized by law enforcement experts to share knowledge, best practices, and non-personal data on crime.

What is the Europol Platform for Experts (EPE)?

The EPE, or Europol Platform for Experts, is a vital online tool that allows law enforcement experts to exchange knowledge and non-personal data on crime. It plays a crucial role in facilitating international cooperation and secure information sharing between law enforcement agencies. The recent compromise of EPE by the IntelBroker Group highlights the critical importance of security of data and communications systems within these agencies.

Transitioning to the intricacies of cybersecurity breaches, let’s delve into the Europol Platform for Experts (EPE) and the recent challenges it faced.

Intrusion Methods and Compromised Data

Cybercriminals exploited specific vulnerabilities not disclosed as of May 16, 2024, which enabled the exfiltration of data including FOUO (For Official Use Only) information, employee details and internal documents. This breach exposed critical data and represents a direct risk to the integrity of Europol’s operations. Moving forward, let’s explore the ‘FOUO Designation’ to comprehend how it underpins the security of sensitive information.

Understanding the FOUO Designation

The FOUO (For Official Use Only) designation is applied to protect information whose unauthorized disclosure could compromise operations or security. Used primarily by government agencies, this classification aims to control access to sensitive information that is not in the public domain. It is essential to maintain mission integrity and the protection of critical data. Recognizing the criticality of the FOUO designation, Europol has swiftly enacted robust security measures and initiated a thorough investigation to mitigate any potential repercussions of the breach.

Europol Response and Security Measures

In response to the incident: Europol has strengthened its security protocols and launched an internal investigation to assess the extent of the breach. Reactive measures have been taken to identify vulnerabilities and prevent future intrusions.

Post-Incident Measures

Europol confirmed the incident but assured that no central system or operational data was affected. The agency took initial steps to assess the situation and maintained that the incident involved a closed user group of the Europol Platform for Experts (EPE).

Europol’s Proactive Response to Security Breach: Strengthening Protocols and Investigating Vulnerabilities

In response to the security breach, Europol has proactively enhanced its security protocols and initiated an internal investigation to determine the breach’s full scope. Taking swift action, the agency implemented reactive measures to pinpoint vulnerabilities and fortify defenses against future intrusions.

Upon confirming the breach, Europol moved quickly to reassure the public, emphasizing that no operational data had been compromised. The agency clarified that Europol’s central systems remained intact, ensuring that the integrity of operational data was preserved.

To address the incident, initial steps have been taken to evaluate the situation thoroughly. Reinforcing its commitment to security, Europol has redoubled efforts to strengthen its protocols and conduct a comprehensive internal investigation, aiming to identify vulnerabilities and prevent future security breaches.

Unveiling the IntelBroker Cybercriminal Group

The IntelBroker Group, notorious for past cyberattacks against government agencies and private companies, has emerged as the culprit behind the Europol data breach. Their involvement raises serious concerns, as their ability to conduct sophisticated attacks suggests a high level of expertise and resources.

The Murky Origins of the Cybercriminals

While the exact origin of these cybercriminals remains shrouded in mystery, their to execute such a complex attack undoubtedly points to a group with significant skill and resources at their disposal.

Scrutinizing the Data Compromised in the Europol Security Breach

Turning our attention to the compromised data, the attackers targeted specific vulnerabilities, which are yet to be disclosed. This resulted in the exfiltration of sensitive information, including FOUO (For Official Use Only) data, employee details, and internal documents. This breach exposes the critical nature of the stolen data and poses a direct threat to the integrity of Europol’s operations.

Delving Deeper: What Information Was Compromised?

Unveiling SIRIUS, a Europol Initiative for Enhanced Cooperation

Amidst the compromised data, SIRIUS emerges as a Europol initiative that has been potentially compromised. SIRIUS aims to bolster cooperation and information exchange between law enforcement and major digital service platforms. This breach raises concerns about the potential disruption of critical collaborative efforts against cybercrime.

Europol’s EC3: A Vital Frontline Against Cyber Threats in Cryptocurrency and Aerospace

The Europol Cybercrime Centre (EC3) plays a pivotal role in combating cybercrime, and its specialized divisions dedicated to monitoring and analyzing cryptocurrency and space-related activities have been potentially compromised. These divisions are crucial in countering cyber threats in these highly technical and rapidly evolving areas. IntelBroker’s claims of infiltrating these divisions underscore the gravity of the security breach and highlight potential risks to sensitive Europol operations.

Data Theft Claimed by IntelBroker: A Granular Analysis

IntelBroker asserts access to classified and FOUO data, encompassing source code, details about alliance employees, and recognition documents. They also allege infiltration into the cryptocurrency and space divisions of Europol’s European Cybercrime Centre (EC3), the SIRIUS project, and the Climate Change and Sustainable Energy Partnership (CCSE). These claims paint a disturbing picture of the extent of the data breach and the potential damage it could inflict.

Active Analysis of the Europol EPE Breach and IntelBroker Claims

Reports indicate that the breach impacted the Europol Platform for Experts (EPE), an online platform utilized by law enforcement experts to share knowledge, best practices, and non-personal data on crime. This platform serves as a critical hub for collaboration and information sharing within the law enforcement community.

IntelBroker claims the compromised data includes information about alliance employees, FOUO (For Official Use Only) source code, PDFs, as well as recognition documents and guidelines. These claims suggest that the attackers gained access to a wide range of sensitive information, potentially jeopardizing the security of Europol personnel and operations.

Sample data provided by IntelBroker appears to show screenshots of the EPE platform, revealing access to discussions between law enforcement and SIRIUS officers regarding requests for sensitive data from social media platforms. These screenshots raise serious concerns about the potential exposure of confidential communications and sensitive data.

IntelBroker boasts of accessing data designated as classified and For Official Use Only (FOUO), including source code, information about alliance employees, and recognition documents. They further claim to have penetrated the cryptocurrency and space divisions of Europol’s European Cybercrime Centre (EC3), the SIRIUS project, and the Climate Change and Sustainable Energy Partnership (CCSE). These claims, if true, indicate a level of sophistication and access that is deeply concerning.

Implications of the Europol Data Security Incident

If the claims are accurate, this information could jeopardize ongoing investigations and the security of the personal data of the officers involved. This breach raises critical questions about data security within law enforcement agencies and highlights the need for robust cybersecurity measures to protect sensitive information.

Statistic of Europol Data Breach

No precise statistics on the extent of the breach were provided. However, the nature of the data involved indicates a potential risk to the security of personal and operational information.

Previous Data Exfiltration Incidents at Europol

Europol has already been the victim of data exfiltration incidents, including the disappearance of sensitive personal files in the summer of 2023. On 6 September 2023, Europol management was informed that the personal paper files belonging to Catherine De Bolle, Europol’s Executive Director, and other senior officials before September 2023 had disappeared. When officials checked all of the agency’s records, they discovered “additional missing records” (Serious Security Breach Hits EU Police Agency – POLITICO).

Short, Medium and Long Term Consequences

The consequences of this breach could be wide-ranging, affecting confidence in the security of European data and Europol’s ability to conduct confidential investigations. The consequences of this breach could be wide-ranging, affecting confidence in the security of European data and Europol’s ability to conduct confidential investigations.

Gray Zone: Europol Private Messaging – Unconfirmed Compromise Raises Concerns

The Europol data breach has sparked a debate surrounding the potential compromise of private message exchanges between law enforcement officials. While claims have been made about the exposure of sensitive communications, the extent and veracity of these allegations remain unconfirmed. This section delves into the murky waters of this situation, examining the concerns raised and the need for further investigation.

Unverified Claims and the Lingering Shadow of Doubt

IntelBroker, the cybercriminal group responsible for the breach, has asserted access to sensitive data, including private communications. These claims have raised alarms among law enforcement officials and the public, prompting questions about the potential impact on ongoing investigations and the safety of informants.

However, it is crucial to acknowledge that these claims have not been independently verified. Europol has not yet released any specific information about the compromised data, leaving many unanswered questions and a cloud of uncertainty hanging over the situation.

Potential Consequences of a Compromised Private Messaging System

While the specific details of the compromised data remain unconfirmed, the potential exposure of private message exchanges could have significant consequences. This includes the possibility of compromised:

  • Personally identifiable information (PII): This could put individuals involved in law enforcement operations at risk.
  • Data used in investigations: Leaked information could jeopardize ongoing investigations and hinder the pursuit of justice.

The disruption to these critical operations could have a broader impact on law enforcement efforts. It is crucial to maintain public trust in law enforcement agencies, and a thorough investigation is essential to understand the full scope of the breach and take necessary steps to mitigate any potential damage.

Global Cybersecurity Context

Cybersecurity has emerged as a significant global issue; as societies and economies digitize, the stakes rise. Consequently, government agencies worldwide face an increasing number of sophisticated cyberattacks. These incidents compel them to enhance their security protocols.

Moreover, international cooperation on cybersecurity is gaining momentum. States are now acknowledging the urgency of conforming to cyber standards. This shift aims to shield the global digital economy from devastating attacks.

Furthermore, the escalation of threats like cybercrime, assaults on critical infrastructure, electronic espionage, and offensive operations necessitates systemic collaboration. Such unified efforts are essential to foster global resilience.

Legal Implications of Europol Data Breach and GDPR

Data breaches have significant legal implications, especially under the EU’s General Data Protection Regulation (GDPR). The GDPR imposes strict obligations on organizations to implement adequate security measures and quickly notify affected individuals in the event of a breach. Failure to meet these requirements can result in significant financial penalties, reputational damage, and loss of customer trust. Organizations should understand the legal consequences of data breaches, including potential fines and penalties, and take proactive steps to navigate those consequences.

Active Defense Against the Europol Security Breach: The Role of Advanced Cybersecurity Solutions

DataShielder Suite and DataShielder Defense: Comprehensive Cybersecurity Solutions for Europol

The Europol data breach serves as a stark reminder of the ever-evolving cyber threats that organizations face. While the specific details of the breach remain under investigation, the potential compromise of sensitive information, including private message exchanges, highlights the critical need for robust cybersecurity measures.

DataShielder Suite and DataShielder Defense, showcased at Eurosatory 2024, offer comprehensive cybersecurity solutions that can effectively safeguard all forms of communication, encompassing messaging services, data transfers, and other sensitive exchanges. These solutions provide a multi-layered approach to data protection, addressing both encryption and key management:

Robust Encryption Across All Communication Channels

DataShielder Suite and DataShielder Defense employ industry-standard encryption algorithms, such as AES-256 CBC, to protect all types of communication, including messaging services. This ensures that even in the event of unauthorized access, sensitive data remains encrypted and inaccessible.

Zero Knowledge & Zero Trust Architecture for Secure Key Management

The Zero Knowledge & Zero Trust architecture eliminates the need for users to share their encryption keys, minimizing the risk of data breaches. Instead, the keys are securely stored and managed within Hardware Security Modules (HSMs) or mobile Hybrid NFC HSMs, providing an additional layer of protection.

Segmented Key Management for Enhanced Security

DataShielder Suite and DataShielder Defense’s segmented key management system further enhances security by dividing encryption keys into multiple segments and storing them in separate, controlled physical environments. This makes it virtually impossible for cybercriminals to obtain all the necessary key segments to decrypt sensitive data.

Immediate Implementation for Europol

DataShielder Suite and DataShielder Defense offer immediate deployment capabilities, allowing Europol to swiftly strengthen its cybersecurity posture across all communication channels. These solutions can be integrated into existing IT infrastructure without disrupting ongoing operations, ensuring a smooth transition to enhanced data protection.

Eurosatory 2024: An Opportunity for Comprehensive Cybersecurity

Eurosatory 2024 provides an opportunity for Europol to engage with DataShielder representatives and explore the full potential of these comprehensive cybersecurity solutions. Experts from DataShielder will be available at the event to discuss specific implementation strategies and address any questions or concerns.

Conclusion on Europol Data Breach

The Europol breach highlights the growing threat of cyberattacks and the need for international agencies to continuously strengthen their defences. The incident underscores the importance of transparency and cooperation to maintain public trust in institutions’ ability to protect sensitive data. The complexity of identifying cybercriminals remains a challenge for the authorities, who must navigate the darkness of cyberspace to locate them.

Official Sources Regarding the Europol Security Breach

Official Sources Regarding the Europol Security Breach

  • Europol Statement: In a statement to POLITICO, Europol spokesperson Jan Op Gen Oorth confirmed that the agency was aware of the incident, which “occurred recently and was immediately discovered.” Europol is currently assessing the situation.
  • System Integrity: It was clarified that “neither Europol’s central system nor operational systems were hacked, which means that no operational data from Europol was compromised.”
  • FBI Seizure of BreachForums: Following the data breach, the FBI has seized control of BreachForums, the hacking site where IntelBroker intended to sell the stolen Europol data. This seizure includes the site’s backend and its official Telegram channel, disrupting the potential sale of the data.

It is important to note that no official press release from Europol regarding this specific breach has been found. However, the statements provided to POLITICO offer an insight into Europol’s initial response to the incident. Measures have already been taken, including the deactivation of the Europol Platform for Experts (EPE), which has been under maintenance since May 10th. The incident has not been acknowledged as an intrusion into the systems, although Europol has not explicitly denied the legitimacy of the cybercriminal’s claims.

For detailed and official information, it is recommended to regularly check Europol’s website and official communication channels.


This updated section provides a comprehensive view of the situation, including the recent actions taken by the FBI, which are crucial to the context of the Europol data breach.

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool

Shadowy hacker with a laptop in front of a digital map of Russia highlighted in red, symbolizing the origin of Kapeka Malware.

Kapeka Malware: Exploring Its Impact and Origin

Kapeka malware represents a formidable cyber threat emerging from Russia. This article delves into its sophisticated espionage tactics, offering insights into advanced cybersecurity solutions. Discover how to shield your digital landscape from such statesponsored threats and ensure robust data protection.

2024 Digital Security

Why Encrypt SMS? FBI and CISA Recommendations

2024 Digital Security

French Minister Phone Hack: Jean-Noël Barrot’s G7 Breach

2024 Digital Security

Cyberattack Exploits Backdoors: What You Need to Know

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

Unveiling Kapeka: The Emerging Russian Cyber Threat. Stay updated with our latest insights.

Kapeka Malware: The Emerging Russian Cyber Threat, by Jacques Gascuel, the innovator behind advanced sensitive data security and safety systems, provides invaluable knowledge on how data encryption and decryption can prevent email compromise and other threats.

Kapeka Malware: The New Russian Intelligence Threat

 

In the complex world of cybersecurity, a new malicious actor has emerged, known as Kapeka. This sophisticated backdoor malware was first detected in Eastern Europe since mid2022 and has been actively used in attacks against victims in the region. WithSecure™ uncovered this novel backdoor, which they have been monitoring since its first appearance.

 

Context and Implications of Kapeka’s Cyber Espionage

 

Kapeka appeared against the backdrop of the ongoing conflict between Russia and Ukraine, seemingly used in targeted attacks across Central and Eastern Europe since the illegal invasion of Ukraine in 2022. It is likely that Kapeka was involved in intrusions that led to the deployment of the Prestige ransomware in late 2022. This malware represents an evolution in Sandworm’s arsenal, likely succeeding GreyEnergy, which itself had replaced BlackEnergy.

 

Operational Capabilities of Kapeka Backdoor

 

Kapeka is described as a flexible backdoor with all the necessary features to serve as an initial toolkit for its operators, as well as to provide longterm access to the victim’s infrastructure. The malware initially collects information and fingerprints the machine and user before sending the details to the threat actor. This enables the transmission of tasks to the machine or updating the backdoor’s configuration.

 

Global Cybersecurity Response to Kapeka Threat

 

WithSecure™, a cybersecurity company, discovered overlaps between Kapeka, GreyEnergy, and the Prestige ransomware attacks, all linked to the Sandworm group. Mohammad Kazem Hassan Nejad, Researcher at WithSecure Intelligence released an indepth technical report on the backdoor and its capabilities on April 17, 2024, as well as an analysis of the connection between Kapeka and the Sandworm group.

 

Advanced Cybersecurity Solutions Against Kapeka

 

To combat threats like Kapeka, advanced cybersecurity solutions such as DataShielder and PassCypher play a pivotal role. These solutions offer cuttingedge protection features that are essential in the current threat landscape.

 

Kapeka’s Contamination Methods

 

Understanding the contamination methods of Kapeka is crucial for developing effective defense strategies. Kapeka typically infiltrates systems through sophisticated phishing campaigns and exploiting known vulnerabilities. Once inside, it employs a multistage process to establish persistence and avoid detection :

 

  • Initial Access : Kapeka often gains initial access through spearphishing emails, which lure individuals into executing malicious attachments or clicking on compromised links.
  • Exploitation : It exploits vulnerabilities in software or systems to install the backdoor without user interaction.
  • Establishing Presence : After gaining a foothold, Kapeka deploys its payload, which includes a backdoor that allows remote access to the infected system.
  • Command and Control : The malware then establishes communication with a commandandcontrol server, which can issue commands, update the malware, or exfiltrate data.
  • Lateral Movement : Kapeka can move laterally across networks to infect other systems, increasing the scope of the attack.
  • Data Exfiltration : It can collect and transmit sensitive data back to the attackers, completing the espionage cycle.

 

By employing these methods, Kapeka can maintain a stealthy presence within a network, making it a formidable challenge for cybersecurity defenses. Organizations must employ advanced security measures, such as those provided by DataShielder and PassCypher, to detect and mitigate these threats effectively.

 

Statistics and Modes of Contamination

 

Kapeka’s contamination statistics reveal its targeted nature, with a focus on Eastern European entities. Its modes of contamination include :

 

  • SpearPhishing : Targeted emails that trick users into executing malicious payloads.
  • Exploiting Vulnerabilities : Taking advantage of unpatched software or system weaknesses.
  • Dropper Files : Using seemingly benign files that deploy the malware upon execution.

 

Cybersecurity Tips to Thwart Kapeka Malware

 

In the battle against Kapeka, adhering to cybersecurity best practices is paramount. Here are some essential tips :

  • Regular Updates : Keep all software and systems up to date with the latest security patches.
  • Employee Training : Conduct regular training sessions to educate employees about phishing and social engineering tactics.
  • Strong Password Policies : Implement strong password policies and encourage the use of password managers like PassCypher.
  • MultiFactor Authentication (MFA) : Use MFA wherever possible to add an extra layer of security.
  • Network Segmentation : Segment networks to contain and limit the spread of any infection.
  • Backup and Recovery : Maintain regular backups and have a clear disaster recovery plan in place.

 

Detection and Protection Methods

 

To detect and protect against Kapeka, organizations should :

  • Deploy Advanced Security Solutions : Utilize tools like DataShielder for encryption and PassCypher for password management.
  • Security Information and Event Management (SIEM) : Use SIEM systems to monitor and analyze security alerts.
  • Endpoint Detection and Response (EDR) : Implement EDR solutions to identify and respond to threats on endpoints.
  • Regular Audits : Conduct regular security audits and vulnerability assessments.

 

DataShielder : NFC HSM and PGP Encryption

 

DataShielder provides contactless encryption using NFC HSM technology, ensuring secure data and communication management. Its offline key management system is particularly effective against network compromises, a common tactic used by malware like Kapeka.

 

PassCypher : Password Management and AntiPhishing

 

PassCypher revolutionizes password management with its NFC HSM, HSM PGP, and Engine components, offering contactless password management and realtime AES256 PGP encryption. Its antiphishing sandbox system is crucial for defending against typosquatting and BITB attacks, which are often employed by espionage malware.

 

PostQuantum Security and Anonymity

 

Both DataShielder and PassCypher provide postquantum AES256 CBC PGP encryption with segmented keys, some of which are physically offline. This level of encryption, combined with the absence of servers, databases, and the need for account creation, ensures complete anonymity and futureproofs security against emerging threats.

 

Implementing DataShielder and PassCypher

 

Integrating DataShielder and PassCypher into cybersecurity strategies offers robust protection against Kapeka and similar threats. Their advanced features ensure the confidentiality, integrity, and availability of sensitive data, making them indispensable tools in the fight against cyber espionage.

 

Deep Dive into Kapeka : A Comprehensive Malware Analysis

 

Contamination Tactics and Kapeka’s Spread

 

Kapeka has been used in targeted attacks in Eastern Europe since at least mid2022. It was first observed in an Estonian logistics company in late 2022. The exact mode of contamination is not fully known, but it is likely that Kapeka is distributed through phishing methods or other attack vectors that exploit security vulnerabilities.

 

Kapeka’s Data Harvesting Techniques

 

The Kapeka malware collects information and takes fingerprints of the machine and user before transmitting the details to the threat actor. This potentially includes sensitive data such as credentials, network configurations, and other critical information.

 

Strategies for Detecting and Protecting Against Kapeka Malware

 

To detect Kapeka, WithSecure™ researchers developed several artifacts, including a registrybased configuration extractor, a script to decrypt and emulate the malware’s network communication, and as might be expected, a list of indicators of compromise, YARA rules, and MITRE ATT&CK mapping.

 

Uncovering Kapeka : Insights from WithSecure™

 

The discovery of Kapeka is attributed to the researchers at WithSecure™, who published a detailed technical report on the malware and its capabilities on April 17, 2024. Their thorough technical analysis has shed light on the links between Kapeka and the Sandworm group.

 

Detailed Data Collection by Kapeka Malware

 

Kapeka is designed to perform thorough and meticulous data collection on infected machines. Here’s a detailed view of the types of data Kapeka is capable of collecting :

  • System Information : Kapeka gathers information about the operating system, version, installed updates, and the presence of security software.
  • Network Configuration : It identifies the machine’s network configuration, including IP addresses, domain names, and proxy settings.
  • User Details : The malware can extract usernames, the groups they belong to, and associated privileges.
  • Machine Fingerprints : Kapeka performs a fingerprint of the machine, which includes identifying hardware such as the CPU and memory, as well as connected peripherals.
  • List of Running Processes : It monitors the processes running on the machine to detect suspicious activities or security software in action.
  • Files and Directories : Kapeka can list files and directories, particularly those containing sensitive or corporate data.
  • Active Network Connections : The malware analyzes active network connections to understand incoming and outgoing communication.
  • Keystroke Data : Although not specifically mentioned in reports, malware of this type often has the capability to record keystrokes to capture passwords and other sensitive information.

 

Kapeka’s Infection Mechanisms

 

Kapeka uses sophisticated contamination methods to infiltrate target systems. It includes a dropper designed to install the backdoor on the victim’s machine, which then selfdeletes to avoid detection. The backdoor starts by collecting initial information and machine/user fingerprints before relaying details to the threat actor. The exact propagation method remains unclear, but historical patterns suggest phishing and exploitation of known vulnerabilities.

 

Geopolitical Implications of Kapeka’s Deployment

 

The development and deployment of Kapeka follow the ongoing conflict between Russia and Ukraine, with Kapeka likely used in targeted attacks since the illegal invasion of Ukrainian territory in 2022. The emergence of Kapeka is part of the increasing tensions between Russia and Western countries. This malware is an example of how cyber warfare is becoming an increasingly used tool in geopolitical conflicts. Cyberattacks like those carried out by Kapeka can have major repercussions on international relations, national security, and the global economy.

 

RealWorld Impact : Case Studies of Kapeka Attacks

 

Although specific details of attacks are often classified, it is known that Kapeka has been used against strategic targets, including critical infrastructure and key businesses. These case studies demonstrate Kapeka’s ability to disrupt operations and steal sensitive information, highlighting the need for robust cybersecurity.

 

Kapeka Versus Other Malware : A Comparative Analysis

 

Kapeka stands out from other malware due to its sophistication and ability to remain undetected for long periods. Unlike more widespread malware like WannaCry or NotPetya, Kapeka specifically targets organizations for reconnaissance and longterm information gathering operations.

 

Cybersecurity Tips in the Age of Kapeka

 

To protect against Kapeka and similar threats, it is essential to adopt a multilayered approach to cybersecurity, including regular system updates, employee training on phishing risks, and the installation of advanced security solutions.

 

International Reactions to the Rise of Kapeka Malware

 

In response to the threat posed by Kapeka, international organizations such as the European Union and NATO have strengthened their cybersecurity cooperation. Measures such as intelligence sharing and the development of collective defense strategies have become a priority.

 

Media and Education’s Role in Combating Kapeka

 

The media plays a crucial role in raising public awareness of cyber threats. Media education and good cybersecurity practices are essential to prevent the spread of malware and strengthen the resilience of individuals and organizations.

 

The Future of Cyber Warfare in the Shadow of Kapeka Malware

 

The future of cyber warfare is uncertain, but it is likely that malware like Kapeka will continue to play a significant role. Nations will need to invest in cyber defense and cyber intelligence capabilities to anticipate and counter future threats.

 

Sources of Discovery and Analysis of Kapeka Malware

 

The discovery and analysis of Kapeka can be attributed to cybersecurity firms like WithSecure™, which :

Publish Technical Reports : Provide detailed insights into the malware’s capabilities and modus operandi.

Share Indicators of Compromise (IoCs) : Distribute IoCs to help organizations detect Kapeka’s presence.

Collaborate Internationally : Work with governments and international agencies to share intelligence and strategies.

 

Concluding Insights on Kapeka’s Cyber Threat Landscape

 

The discovery of Kapeka underscores the importance of vigilance and international collaboration in the fight against cyber threats. As the threat landscape continues to evolve, detecting and analyzing malware such as Kapeka is crucial for anticipating and countering the operations of state threat groups. International unity is required to face these challenges and protect critical infrastructures from malicious actors.

Apple M chip vulnerability: A Breach in Data Security

Illustration of an Apple MacBook with a highlighted M-series chip vulnerability, surrounded by symbols of data security breach and a global impact background.

Apple M-Chip Vulnerability: Critical Risk

Learn about the critical Apple M-chip flaw, a micro-architectural vulnerability that threatens data security. This article reveals the attack process exploiting data prefetching and encryption key extraction, highlighting the major security impact. Essential reading to understand and anticipate the risks linked to this alarming discovery.

2024 Digital Security

Why Encrypt SMS? FBI and CISA Recommendations

2024 Digital Security

French Minister Phone Hack: Jean-Noël Barrot’s G7 Breach

2024 Digital Security

Cyberattack Exploits Backdoors: What You Need to Know

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

Apple M chip vulnerability: uncover the critical security breach highlighted by MIT (CSAIL). Stay updated with our latest insights.

Apple M chip vulnerability and how to Safeguard Against Threats, by Jacques Gascuel, the innovator behind advanced sensitive data security and safety systems, provides invaluable knowledge on how data encryption and decryption can prevent email compromise and other threats.

Apple M chip vulnerability: uncovering a breach in data security

Researchers at the Massachusetts Institute of Technology’s (MIT) Computer Science and Artificial Intelligence Laboratory (CSAIL) have unveiled a critical hardware flaw within Apple’s M-series chips, dubbed the “Apple M chip vulnerability,” marking a significant breach in data security. This vulnerability, referred to as ‘GoFetch,’ highlights a concerning issue in the chips’ microarchitecture, potentially compromising the integrity of sensitive information stored on millions of devices. Unlike previous security flaws, this unpatchable vulnerability allows for the unauthorized extraction of cryptographic keys through a secondary channel during the execution of cryptographic protocols, posing a serious threat to data security across a broad spectrum of devices. The discovery underscores the vulnerability’s profound implications, as it affects not only the security of Apple devices but also the broader ecosystem relying on these cryptographic protocols.

Exploiting the Apple M Chip Vulnerability Without Elevated Privileges

A notable aspect of this vulnerability is its exploitation without the need for elevated privileges. Academic researchers have devised an application capable of retrieving cryptographic keys from other applications running the affected algorithms. This exploitation leverages the Data Memory-Dependent Prefetcher (DMP) within the chips, which can mistakenly interpret data as memory addresses, thereby enabling attackers to reconstruct secret keys.

The Risk to Users’ Sensitive Data

The implications of this vulnerability are far-reaching, affecting all common cryptographic algorithms, including those designed to be quantum-resistant. Researchers have demonstrated the successful extraction of RSA, DHKE, Kyber, and Dilithium keys, with extraction times varying from 49 minutes to 15 hours, depending on the algorithm. This vulnerability endangers the integrity of encrypted data, including sensitive personal and financial information.

The Mechanics Behind the Attack

The vulnerability arises from the architectural design of Apple’s M1, M2, and M3 chips, which, similar to Intel’s latest Raptor Lake processors, utilize caches to enhance performance. These caches can inadvertently mix up data with memory addresses, leading to potential data leakage. A well-designed cryptographic code should operate uniformly in time to prevent such vulnerabilities.

La Vulnérabilité des Puces M d’Apple: A Risk to Cryptocurrency Wallets

The discovery of this vulnerability also casts a shadow over the security of cryptocurrency wallets. Given the flaw’s capacity for cryptographic key extraction through side-channel attacks, users of cold wallets or hardware wallets connected to computers with vulnerable chips for transactions may face heightened risks. These vulnerabilities underscore the importance of assessing the security measures of cold wallets and hardware wallets against such exploits.

Impact on Cold Wallets and Hardware Wallets

Private key extraction poses a serious threat, especially when devices are connected to vulnerable computers for transactions. This vulnerability could compromise the very foundation of cryptocurrency security, affecting both local and remote attack scenarios.

Security Recommendations

Manufacturers of cold and hardware wallets must promptly assess and address their vulnerability to ensure user security. Users are advised to adhere to best security practices, such as regular updates and minimizing the connection of cold wallets to computers. An effective alternative is the utilization of Cold Wallet NFC HSM technology, such as Freemindtronic’s EviVault NFC HSM or EviSeed NFC HSM, embedded in Keepser and SeedNFC HSM products, offering robust protection against such vulnerabilities.

Apple M Chip Vulnerability: Unveiling the Unpatchable Flaw

This flaw, inherent to the microarchitecture of the chips, allows the extraction of cryptographic keys via a secondary channel during the execution of the cryptographic protocol.
This discovery of an “irreparable flaw” in Apple’s M-series chips could seriously compromise data security by allowing unauthorized extraction of encryption keys. This vulnerability constitutes a significant security flaw, posing a substantial risk to user data across various devices.

The Micro Architectural Rift and its Implications: Unveiling the Apple M Chip Vulnerability

Critical Flaw Discovered in Apple’s M-Chips

Moreover, the recent discovery of the ‘Apple M chip vulnerability’ in Apple’s M-series chips has raised major IT security concerns. This vulnerability, inherent in the silicon design, enables extraction of cryptographic keys through a side channel during the execution of standard cryptographic protocols. Furthermore, manufacturers cannot rectify this flaw with a simple software or firmware update, as it is embedded in the physical structure of processors.

Implications for Previous Generations

Additionally, the implications of the ‘Apple M chip vulnerability’ are particularly severe for earlier generations of the M-series, such as M1 and M2. Furthermore, addressing this flaw would necessitate integrating defenses into third-party cryptographic software, potentially resulting in noticeable performance degradation when performing cryptographic operations.

Hardware optimizations: a double-edged sword

Moreover, modern processors, including Apple’s M-series and Intel’s 13th Gen Raptor Lake microarchitecture, utilize hardware optimizations such as memory-dependent prefetching (DMP). Additionally, these optimizations, while enhancing performance, introduce security risks.

New DMP Research

Moreover, recent research breakthroughs have unveiled unexpected behavior of DMPs in Apple silicon. Additionally, DMPs sometimes confuse memory contents, such as cryptographic keys, with pointer values, resulting in data “dereference” and thus violating the principle of constant-time programming.

Additionally, we can conclude that the micro-architectural flaw and the unforeseen behaviors of hardware optimizations emphasize the need for increased vigilance in designing cryptographic chips and protocols. Therefore, addressing these vulnerabilities necessitates ongoing collaboration between security researchers and hardware designers to ensure the protection of sensitive data.

Everything you need to know about Apple’s M chip “GoFetch” flaw

Origin of the fault

The flaw, dubbed “GoFetch,” was discovered by researchers at the Computer Science and Artificial Intelligence Laboratory (CSAIL) at the Massachusetts Institute of Technology (MIT). It affects Apple’s M1, M2 and M3 chips and allows for the extraction of encryption keys, compromising data security1.

Level of hazardousness

The vulnerability is considered severe because it cannot be fixed by a simple software patch. Furthermore, it is due to a specific hardware optimization in the architecture of the chips, making it difficult to correct without significantly impacting the performance of the devices.

Apple’s response and actions taken

Moreover, to date, Apple has not yet officially communicated about this flaw. Security experts recommend the use of software solutions to mitigate risk, although this may reduce the performance of affected devices.

Source of the vulnerability report

The detailed report on this vulnerability has been published by CSAIL. For an in-depth understanding of the flaw and its implications, it is advisable to consult the full research paper provided by the researchers.

Understanding the ‘Apple M chip vulnerability’ and its ‘GoFetch’ flaw

Vulnerability Description

  • Data Memory-Dependent Prefetcher (DMP): Moreover, this function in Apple’s M chips is designed to improve performance by predicting and loading data that the CPU might need next. However, it has a vulnerability that can be exploited through a side-channel attack.
  • Side-Channel Attack: Additionally, the flaw allows attackers to observe the effects of the DMP’s operation, such as timing information, to infer sensitive data.
  • Encryption Key Extraction: Furthermore, by exploiting the DMP’s behavior, attackers can extract encryption keys that are used to secure data on the device. This includes keys from widely-used cryptographic protocols like OpenSSL Diffie-Hellman, Go RSA, CRYSTALS Kyber, and Dilithium.

Level of Hazardousness

Additionally, the “GoFetch” flaw is considered very dangerous because it is a hardware-level vulnerability. It cannot be fixed with a software update without potentially reducing chip performance.

The diagram illustrating the level of hazardousness of the micro-architectural flaw in the Apple M-Chip, specifically the “GoFetch” flaw, has been successfully created. Moreover, this visual representation captures the flaw’s inception at the Data Prefetching (DMP) function, its exploitation through the attack process, the subsequent extraction of encryption keys, and the final security impact, including compromised data privacy and security breaches.

Diagram showcasing the GoFetch vulnerability in Apple M-Chip, from data prefetching to security impact.
This diagram delineates the exploitation process of the GoFetch flaw in the Apple M-Chip, highlighting its hazardous impact on data security.
  1. Data Prefetching (DMP): Furthermore, a diagram component shows the DMP function, which is the initial target for the attack.
  2. Attack Process: Additionally, a flow demonstrates how the attacker exploits the DMP to initiate a side-channel attack.
  3. Encryption Key Extraction: Moreover, a depiction of the attacker successfully retrieving the encryption keys through the side-channel.
  4. Security Impact: Additionally, the final part of the diagram should show the potential risks, such as compromised data privacy and security breaches.

Impact and Timeline of Apple M1, M2, and M3 Chips: Assessing the ‘Apple M chip vulnerability’ Impact and Progression

The ‘Apple M chip vulnerability’ affects all Macs running Apple silicon, including M1, M2, and recent M3 chips. This includes a wide range of Mac and MacBook computers, which are now susceptible to side-channel attacks exploiting this vulnerability.

Apple computer affected by this flaw

The ‘Apple M chip vulnerability’ impacts a wide range of Apple hardware, starting with the launch of the first Mac system-on-chip, the M1, in November 2020. This hardware includes the M1, M1 Pro, M1 Max, M1 Ultra, M2, M2 Pro, M2 Max, M2 Ultra, M3, M3 Pro, and M3 Max chips.

Date Model Description
Nov 2020 M1 Introducing the M1 to MacBook Air, MacBook Pro, and Mac mini 13″
Apr 2021 M1 Launch of the iMac with M1 chip
Oct 2021 M1 Pro and M1 Max M1 Pro and M1 Max arrive in 14-inch and 16-inch MacBook Pros
March 2022 M1 Ultra M1 Ultra launches with Mac Studio
June 2022 M2 Next generation with the M2 chip
Jan. 2023 M2 Pro and M2 Max M2 Pro and M2 Max launch in 14-inch and 16-inch MacBook Pros, and Mac mini
June 2023 M2 Ultra M2 Ultra launches on Mac Studio and Mac Pro
Oct 2023 M3 M3 series with the M3, M3 Pro and M3 Max

To establish the extent of the problem of Apple’s M chip vulnerability and its consequences on a global scale, we sought to establish the most accurate statistics published on the internet to try to assess as accurately as possible the number of devices affected and the geographical scope of the impact.

The Magnitude of the ‘Apple M chip vulnerability’: Global Consequences and Statistics

The “GoFetch” vulnerability in Apple’s M chips has a potential impact on millions of devices around the world. Since the introduction of the M1 chip in November 2020, Apple has sold tens of millions of Mac computers with the M1, M2, and M3 chips, with a presence in more than 100 countries. This security flaw therefore represents a significant threat to data privacy and security on a global scale.

Potential Consequences:

  • Privacy breach: Because encryption keys can be extracted, sensitive user data is at risk.
  • Business impact: Organizations that rely on Apple devices for their operations could face costly data breaches.
  • Economic repercussions: Confidence in the safety of Apple products could be shaken, potentially affecting future sales.

It is crucial that users are aware of this vulnerability and take steps to secure their devices, pending an official response from Apple and potential solutions to mitigate the risks associated with this critical security breach.

Statistics

In terms of sales, Apple’s A and M chips have seen impressive growth, with a 54% increase in revenue, reaching $2 billion in the first quarter. This positive trend reflects the widespread geographic impact and growing adoption of Apple Silicon technologies.

Based on available data, here is an estimate of the number of Apple computers with the M1, M2, and M3 chips sold, broken down by geographic region:

Statistics Table Detailed Statistics

Based on available data, here is an estimate of the number of Apple computers with the M1, M2, and M3 chips sold, broken down by geographic region:

Region Estimated sales
Americas 2 millions
Europe 1.5 million
Greater China 1 million
Japan 500 000
Middle East 300 000
Africa 200 000
Asia-Pacific 300 000
Latin America 100 000
Eastern Europe 100 000

Estimated total: 6 million units sold.

These estimates underscore the importance of the “GoFetch” vulnerability and the need for Apple to effectively respond to this security flaw on a global scale.

These estimates are based on market shares and sales trends in these regions. They give an idea of the distribution of sales of Macs with the M1, M2, and M3 chips outside of major markets.

These figures are based on overall sales and may vary depending on the sources and methods of calculation. Still, they give an idea of the scale of Apple’s M-chip distribution around the world and highlight the importance of the “GoFetch” vulnerability on a global scale. It’s important to note that these numbers are estimates, and exact sales data by country isn’t always published by Apple or third-party sources.

What are the Safeguards?

The IT security expert community emphasizes the importance of developing software solutions to mitigate risk, even if it could lead to a significant decrease in the performance of affected devices. Solutions like DataShielder Defense NFC HSM, developed by Freemindtronic, offer hardware or hybrid countermeasures to secure encryption keys

DataShielder NFC HSM

DataShielder Defense NFC HSM, developed by Freemindtronic, offers advanced security measures to protect encryption keys against vulnerabilities such as “GoFetch.” Utilizing AES-256 and RSA-4096 encryption through an NFC HSM and/or hybrid hardware and software HSM PGP for data encryption as well as wifi, Lan, Bluetooth, and NFC communication protocols, DataShielder enables externalized encryption for Apple computers, ensuring the confidentiality and integrity of sensitive data. This solution is particularly beneficial for businesses and organizations handling highly sensitive information, providing them with robust cybersecurity and security against potential cyber threats.

DataShielder HSM PGP

DataShielder HSM PGP provides a secure hybrid HSM PGP platform solution for generating, storing, and managing PGP keys, offering end-to-end encryption for email communications via a web browser. By integrating mechanisms for creating secure containers on multiple hardware supports that can be physically externalized from the computer, DataShielder HSM PGP enhances the confidentiality and authenticity of email exchanges by encrypting emails, thus mitigating the risk of interception or tampering by malicious actors. This solution is ideal for all types of businesses, financial institutions, and companies requiring stringent data protection measures without the risk of relying on their computers’ security vulnerabilities.

DataShielder Defense

DataShielder Defense provides comprehensive protection against hardware vulnerabilities and cyber threats by combining hardware and software hybrid encryption compatible with all types of storage media, including NFC HSM. It incorporates the management of various standard symmetric and asymmetric encryption keys, including freely selectable Open PGP encryption algorithms by the user. By protecting sensitive data at the hardware level, without servers, without databases, and in total anonymity, DataShielder Defense ensures a very high level of security considered post-quantum, offering a wide range of applications, including data storage, communication, and processing. This solution is particularly advantageous for governmental entities and organizations dealing with classified information. It serves as a counter-espionage tool suitable for organizations looking to strengthen their cybersecurity posture and mitigate risks associated with very complex emerging threats.

In summary, DataShielder solutions provide effective countermeasures against hardware vulnerabilities like “GoFetch,” offering organizations reliable protection for their sensitive data and critical assets. Through continuous innovation and collaboration with industry partners, DataShielder remains at the forefront of data security, empowering organizations to defend against evolving cyber threats and protect their digital infrastructure.

Let’s summarize

The recent discovery of a vulnerability in Apple M chips, dubbed “GoFetch,” by MIT researchers raises major concerns about data security on devices equipped with these chips. This flaw potentially exposes millions of Mac computers worldwide to side-channel attacks, compromising the privacy of stored information.

In conclusion on the vulnerability of Apple M series chips: Addressing the critical Apple M chip vulnerability

The vulnerability discovered in Apple’s M-series chips, known as “GoFetch,” by researchers at MIT underscores the significant challenges facing hardware manufacturers in terms of security. Effective safeguards, both in software and hardware, are crucial to mitigate risks and uphold the security of sensitive user data. Collaboration among manufacturers, security researchers, and government entities is essential to develop robust solutions and ensure protection against emerging threats.

In conclusion, the prompt identification and resolution of hardware vulnerabilities like “GoFetch” are imperative for maintaining user confidence and safeguarding the integrity of IT systems. Continuous evaluation and implementation of technological advancements and security best practices are necessary to provide adequate protection against potential threats.

New EU Data Protection Regulation 2023/2854: What you need to know

New EU Data Protection Regulation 2023/2854: What you need to know
Learn more about the new European Data Protection Regulation (2023/2854) written by Jacques Gascuel, inventor of sensitive data safety and security systems, for Freemindtronic. This article may be updated on this subject.

EU 2023/2854 Data Protection Rules: what you need to know

The EU has adopted a new regulation to protect personal data published in OJ L, 2023/2854 on 22.12.2023. How does this impact you and your business? Learn more in this article and discover why Freemindtronic innovations are already compliant.

2023 Articles Cardokey Eco-friendly EviSwap NFC NDEF Technology GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

2023 Articles Cyberculture EviCore HSM OpenPGP Technology EviCore NFC HSM Browser Extension EviCore NFC HSM Technology Legal information Licences Freemindtronic

Unitary patent system: why some EU countries are not on board

Andorran law

Llei 26/2014 del 30 d’octubre de patents

Articles Crypto Currency Cryptocurrency Digital Security EviPass Technology NFC HSM technology Phishing

Ledger Security Breaches from 2017 to 2023: How to Protect Yourself from Hackers

What you need to know about the new EU data protection regulation (2023/2854)

Personal data is a valuable asset in the digital age, but also a vulnerable asset. This is why the European Union has adopted a new regulation to protect the personal data of individuals in the EU. Data

Protection Regulation (EU) 2023/2854 supplements and updates the General Data Protection Regulation (GDPR), which has been in force since 2018. The new regulation introduces additional procedural rules for the application of the GDPR, particularly in cross-border cases. It also creates the European Data Protection Authority (EDPA), a new independent body that ensures the consistent application of EU data protection rules across the EU. The new regulation will come into force on November 26, 2024. In this article, we will explain the main provisions of the new regulation, its advantages and disadvantages, its international scope and its reactions and controversies.

We will also show you how some products and technologies from Freemindtronic, an Andorran company specialized in security and cybersecurity of computer and information systems, already comply with the new regulation, since they offer innovative and ecological solutions to protect the personal data without using servers, databases, online accounts or identifiers.

The main provisions of the EU data protection law

Several measures to ensure the security, confidentiality and integrity of personal data are introduced by the EU data protection law. These measures are:

  • Declaration of the activity and the processing practices. The controllers and the managers of the entities that process personal data must declare them to the national data protection authorities (NDPA) and to EDPA. The EDPA is a new independent body. It oversees the consistent application of the EU data protection rules across the EU. It also cooperates with the NDPA and the other EU institutions. The goal is to ensure the protection of personal data.
  • Implementation of technical and organizational measures. The controllers and the managers of the entities that process personal data must implement them to prevent the risks of damage or loss of data. For example, these measures include the encryption of data, the pseudonymization of data, the limitation of data access, the regular testing of data security, the notification of data breaches, and the appointment of a data protection officer.
  • Reinforcement of the rights of the persons concerned. They have reinforced rights, such as the right of access, the right of opposition, the right of erasure, the right to data portability and the right to restriction of processing. These rights allow the persons to obtain information about the processing of their data, to object to certain types of processing, to request the deletion of their data, to transfer their data to another entity, and to limit the processing of their data in certain cases.
  • Provision of administrative sanctions. The regulation provides them. They can reach up to 20 million euros or 4% of the annual global turnover, depending on the severity of the infringement. The NDPA or the EDPA, depending on the case, impose these sanctions. The national courts or the Court of Justice of the European Union can hear the appeals.

The advantages and disadvantages of the EU data protection reform

The EU data protection reform has pros and cons for different actors involved.

The benefits for the persons whose data are processed

The regulation offers a better protection of their rights and interests. They can control more the use of their data and benefit from a high level of security. Moreover, they have an easy and fast access to the information related to the processing of their data, as well as to the remedies in case of dispute. For instance, a person can request a copy of their data from an online platform. If they find any inaccurate or outdated data, they can ask for a correction or an update. They can also withdraw their consent to the processing of their data at any time, or ask for the deletion of their data if they no longer want to use the platform.

The drawbacks for the controllers and the managers of the entities that process personal data

The regulation imposes additional obligations and stricter constraints on them. They must comply with harmonized rules within the EU, while taking into account the national and regional specificities. Furthermore, they face more severe sanctions in case of non-compliance with the regulation. For example, an entity that processes personal data of persons located in the EU must declare its activity and its processing practices to the NDPA and the EDPA.

It must also obtain the prior consent of the persons for the processing of their data, unless there is a legal basis for the processing. The entity must process the data in a lawful, fair and transparent manner, and collect them for specific, explicit and legitimate purposes. It must also respect the principles of data minimization, data accuracy, data storage limitation, data integrity and data confidentiality.

The international scope of the EU data protection rules

The EU data protection rules have an international scope, as they apply to any entity that processes personal data of persons located in the EU, whether it is established or not in the EU. The regulation therefore requires foreign entities to respect the same rules as European entities, under penalty of sanctions. It aims to ensure an equivalent level of protection for personal data transferred outside the EU.

For this purpose, the regulation establishes different mechanisms to ensure the adequacy of the data protection in the third countries or the international organizations that receive the data. These mechanisms include, for example, the adoption of adequacy decisions by the European Commission, the use of standard contractual clauses, the adherence to binding corporate rules, or the certification by approved schemes.

The reactions and controversies of the EU data protection regulation

The EU data protection regulation has provoked diverse reactions, ranging from approval to contestation.

Positive reactions

Some actors have welcomed the interest of the regulation to strengthen the trust and to foster the technological evolution in the field of data protection. They have highlighted the innovative and ambitious character of the regulation, which places the EU at the forefront of the protection of personal data. For example, the European Data Protection Supervisor (EDPS), the independent advisor of the EU institutions on data protection issues, has praised the regulation as a “historic achievement” and a “major step forward” for the protection of the fundamental rights of the individuals in the digital age.

Negative reactions

Some actors have criticized the obligation to inform the NDPA and the EDPA about the activity and the processing practices of personal data. They have considered that it could infringe their national sovereignty or that it could create a risk of illegal or fraudulent exercise by some foreign entities. They have also expressed their concern about the complexity and the heaviness of the regulation, which could hinder the competitiveness and the growth of the entities that process personal data. For example, some member states, such as France, Germany, Italy or Spain, have raised objections or reservations about certain aspects of the regulation.

These aspects include the role and the powers of the EDPA, the criteria and the procedures for the adequacy decisions, or the level and the distribution of the sanctions.

How Freemindtronic products and technologies protect personal data

Freemindtronic is an Andorran company that specializes in security and cybersecurity of computer systems and information systems. It designs and develops green technology products and services under white label, based on contactless technology (NFC). Some of its products are PassCypher, DataShielder, SeedNFC or Cardokey, which use embedded technologies such as EviCore NFC HSM, EviCore HSM OpenPGP or EviCore NFC HSM Browser Extension.

These products and technologies have several advantages for the protection of personal data, compared to traditional solutions based on servers, databases, online accounts or identifiers. Indeed, they work without server, without database, anonymously from end to end, without the need to create an account on the internet or to identify themselves to use the products. Therefore, they reduce the risks of loss or damage of data, respect the rights of the persons concerned, and comply with the harmonized rules in the EU. These products and technologies of Freemindtronic are already compliant with the European regulation on data protection, because they respect the principles of security, confidentiality and integrity of data, as well as the rights of the persons concerned. They offer an innovative and ecological alternative to traditional solutions, which may present risks or constraints for data protection.

Conclusion

The regulation (EU) 2023/2854 is an important text for the protection of personal data in the EU. It introduces measures to ensure the security, confidentiality and integrity of data, as well as to reinforce the rights of the persons concerned. It applies to any entity that processes personal data of persons located in the EU, whether it is established or not in the EU. It was adopted within the legislative process on the fundamental rights in the EU, but it also provoked reactions and controversies between some member states. It will enter into force on November 26, 2024.

WhatsApp Hacking: Prevention and Solutions

whatsapp-hacking-prevention-and-solutions-by-evicrypt-end-or-evifile-hasm-and-nfc-hsm-from-freemindtronic-andorra-technology

WhatsApp hacking by Jacques Gascuel has been updated as of September 20, 2024. This article will continue to be updated with the most recent findings, including new vulnerabilities like the “View Once” flaw and other Remote Code Execution (RCE) exploits. Stay tuned for ongoing updates on the evolving landscape of WhatsApp security and best practices to protect your data.

How to Secure WhatsApp

WhatsApp hacking is a growing concern as this popular messaging app is increasingly targeted by hackers seeking access to your personal and business data. How can you protect yourself from WhatsApp hacking, and what should you do if it happens? In this article, you’ll learn some tips and tricks to improve your WhatsApp security, as well as innovative encryption technology solutions from Freemindtronic that can significantly enhance your protection.

2024 Digital Security

Why Encrypt SMS? FBI and CISA Recommendations

2024 Digital Security

French Minister Phone Hack: Jean-Noël Barrot’s G7 Breach

2024 Digital Security

Cyberattack Exploits Backdoors: What You Need to Know

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

How to Prevent and Solve WhatsApp Hacking Issues with Freemindtronic’s Solutions

WhatsApp, with over 2 billion users worldwide, remains a prime target for hackers. Despite its popularity, WhatsApp is not immune to hacking, which can severely compromise the security and privacy of your conversations. So, how can you protect your WhatsApp account from hacking, and what should you do if it gets hacked?

The Risks of WhatsApp Hacking

WhatsApp hacking can have serious consequences for victims. Hackers can gain access to all personal and sensitive information stored in the app, including messages, photos, videos, contacts, and groups. They can impersonate the victim, sending fraudulent or malicious messages to contacts. These messages can request money or trick recipients into clicking on infected links. Furthermore, hackers can spread false information or illegal content using the compromised account.

WhatsApp hacking can also impact a victim’s professional life, especially if they use the app for business communication. Hackers can access confidential data like contracts, quotes, or project details. They can also damage the victim’s reputation by sending abusive or defamatory messages to professional contacts.

The Techniques of WhatsApp Hacking

Hackers employ various techniques to breach WhatsApp accounts, including:

  • Phishing: Hackers send deceptive messages or emails that appear to be from official services like WhatsApp, Google, or Apple. These prompts encourage the victim to click on a link or provide personal information. This link usually leads to a fraudulent site designed to steal the victim’s data.
  • Voice Mail Exploitation: Hackers exploit flaws in the WhatsApp authentication process by dialing the victim’s phone number and attempting to access their WhatsApp account. If the victim’s phone is off or in airplane mode, the verification code sent via SMS or call may go to voicemail. Hackers can retrieve it using default or guessed voicemail codes.
  • QR Code Scanning: This technique takes advantage of WhatsApp Web by scanning a QR code displayed on a computer with the victim’s smartphone. A hacker can then access the WhatsApp account on their own computer.

Recent WhatsApp Vulnerabilities

In addition to these techniques, new vulnerabilities have emerged that pose significant risks to WhatsApp users:

  • Remote Code Execution Vulnerabilities: In late 2023, two critical remote code execution (RCE) vulnerabilities were discovered in WhatsApp. These vulnerabilities, identified as CVE-2023-5668 and CVE-2023-38831, allowed attackers to execute arbitrary code on a victim’s device through specially crafted video files or other exploitative methods. Although WhatsApp has since patched these vulnerabilities, they underscore the importance of keeping the app updated to avoid potential exploitation​.
  • Xenomorph Malware: The Xenomorph Android malware has evolved into a significant threat to Android users, including those using WhatsApp. This malware disguises itself as legitimate apps and can bypass multi-factor authentication to steal credentials and take over user accounts. Its capabilities include stealing data from both banking apps and cryptocurrency wallets, potentially targeting WhatsApp accounts as well​.
  • Dark Web Exploits: The demand for zero-day vulnerabilities, especially for apps like WhatsApp, has surged. These vulnerabilities are being sold for millions of dollars on the dark web, highlighting their value to hackers. Such exploits could allow attackers to bypass security measures and gain unauthorized access to user data. It is crucial to stay informed about the latest patches and updates released by WhatsApp to mitigate these risks​.

New Vulnerability Found in WhatsApp’s “View Once” Feature

WhatsApp’s “View Once” feature, designed to enhance privacy by making media disappear after just one view, has recently revealed a serious security vulnerability. Discovered by Zengo X, this flaw lets attackers bypass the feature, especially on web and desktop versions.

Vulnerability Details

While mobile devices effectively prevent screenshots and saving media, the protection doesn’t extend as well to non-mobile platforms. Zengo X researchers found that browser extensions, like those available for Chrome, can easily modify WhatsApp’s code. They disable the “View Once” flag, turning temporary messages into permanent ones. This allows attackers to save, forward, and view messages repeatedly.

Moreover, messages marked as “View Once” are sent to all devices linked to the recipient. This includes those that shouldn’t handle this feature, such as web and desktop platforms. Attackers can exploit this loophole and save media on these platforms. Additionally, these messages remain stored on WhatsApp servers for up to two weeks, increasing the risk of potential abuse.

Meta’s Response

Meta, the parent company of WhatsApp, has responded after Zengo X responsibly disclosed the flaw. Meta confirmed they are currently rolling out patches, focusing on securing web versions of WhatsApp. However, this interim measure isn’t the final fix. A more comprehensive update is expected to address the vulnerability fully.

Meta’s bug bounty program played a critical role in identifying this issue. They are working towards a full patch and encourage users to remain cautious. Specifically, Meta suggests sharing sensitive media only with trusted contacts during this period.

Ongoing Concerns

While Meta is working on a complete fix, users should remain aware of the limitations in the current “View Once” feature. The vulnerability allows attackers not only to bypass the feature but also to access low-quality media previews without downloading the entire message. Attackers can also manipulate the system by changing the “view once” flag to “false,” making the message permanent.

Security experts, like Tal Be’ery of Zengo X, have emphasized that this flaw creates a “false sense of privacy”. Users think their messages are secure when, in reality, they are vulnerable on certain platforms.

Recommendations

Until a final patch is released, users should exercise caution when using the “View Once” feature. Sharing sensitive information through the web and desktop versions of WhatsApp is risky. It’s better to send such messages only to trusted contacts.

For more in-depth details, you can read the full technical report by Zengo X here.

More Recent WhatsApp Vulnerabilities

WhatsApp has recently addressed several other serious security vulnerabilities that could put users at risk. While updates have been rolled out, these issues demonstrate why keeping WhatsApp updated is crucial.

Remote Code Execution Vulnerabilities (CVE-2022-36934 & CVE-2022-27492)

WhatsApp fixed two critical remote code execution (RCE) vulnerabilities in 2024. The first, identified as CVE-2022-36934, affected the Video Call Handler. Attackers could exploit this flaw by initiating a video call, leading to an integer overflow that let them take control of the device. The second, CVE-2022-27492, was found in the Video File Handler. It allowed attackers to execute malicious code when users opened a specially crafted video file.

These flaws impacted both iOS and Android users with WhatsApp versions prior to 2.22.16.12 for Android and 2.22.15.9 for iOS. Users are strongly advised to update their apps to protect against such risks.

Enhancing WhatsApp Security

To combat the increasing risks of hacking, WhatsApp introduced several new security features. These enhancements provide significantly stronger protection against unauthorized access and malware attacks.

Account Protect adds an extra layer of security when transferring your WhatsApp account to a new device. This feature requires confirmation from your old device, making it much harder for unauthorized users to take over your account.

Device Verification is another critical update. It prevents advanced malware attacks that attempt to hijack your WhatsApp account. By introducing automated security tokens, WhatsApp ensures that your account remains protected, even if your device is compromised.

Additionally, Automatic Security Codes streamline the verification of secure connections. WhatsApp has introduced a feature called Key Transparency, which automates this process. This ensures your conversations are secure without requiring manual intervention, offering further protection against WhatsApp hacking.

To learn more about these new security features, check out WhatsApp’s official blog post.

Enhancing WhatsApp Security with DataShielder NFC HSM, DataShielder HSM PGP, and PassCypher NFC HSM

For even greater security, especially in scenarios where your credentials might be compromised, integrating advanced hardware security modules (HSM) like DataShielder NFC HSM, DataShielder HSM PGP, or PassCypher NFC HSM can significantly fortify your defenses.

DataShielder NFC HSM securely stores and manages encryption keys on a hardware device, ensuring that even if your credentials are exposed, your encrypted data remains inaccessible. You can explore the DataShielder NFC HSM Starter Kit here.

DataShielder HSM PGP provides robust protection for your WhatsApp messages by using PGP encryption. This ensures that all communications are encrypted with strong cryptographic keys securely stored on the HSM.

PassCypher NFC HSM enhances security by generating one-time passwords (OTP) using TOTP or HOTP methods. Even if your static credentials are compromised, the dynamic passwords generated by PassCypher prevent unauthorized access. This, combined with secure key management, makes it nearly impossible for attackers to access your account. Learn more about PassCypher NFC HSM here.

These technologies add critical layers of defense, ensuring that your WhatsApp communications are protected from even the most sophisticated hacking attempts.

Preventive Measures Against WhatsApp Hacking

WhatsApp hacking can affect any user and have serious implications for both private and professional lives. Therefore, it’s crucial to adopt simple yet effective preventive measures, such as activating two-step verification, using fingerprint or face recognition, and changing your voicemail code regularly. Additionally, incorporating advanced technological solutions like those offered by Freemindtronic, such as EviCrypt, EviFile, DataShielder, and PassCypher, can further enhance your security by encrypting texts and files directly within WhatsApp, using physical origin trust criteria.

With these robust measures in place, you can greatly reduce the risk of WhatsApp hacking, ensuring that your sensitive data remains secure.

Communication Vulnerabilities 2023: Avoiding Cyber Threats

Person working on a laptop within a protective dome, surrounded by falling hexadecimal ASCII characters, highlighting communication vulnerabilities
The hidden dangers of communication vulnerabilities in 2023  by Jacques Gascuel: This article will be updated with any new information on the topic.

Beware of communication vulnerabilities in 2023

Communication is essential for our personal and professional lives, but it also exposes us to cyber threats. In 2023, hackers will exploit the hidden dangers of communication vulnerabilities to steal data, disrupt services, and spy on users. This article will explain the main types of communication vulnerabilities, their impact, and how to protect yourself from them.

2024 Digital Security

Why Encrypt SMS? FBI and CISA Recommendations

2024 Digital Security

French Minister Phone Hack: Jean-Noël Barrot’s G7 Breach

2024 Digital Security

Cyberattack Exploits Backdoors: What You Need to Know

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

Communication Vulnerabilities in 2023: Unveiling the Hidden Dangers and Strategies to Evade Cyber Threats

2023 Security Vulnerabilities in Means of Communication

Communication is essential for individuals and professionals, but it is also exposed to many cyber threats. In 2023, several security breaches affected emails and messages, compromising the security of data, services, and users. These breaches showed the vulnerability of communication systems, which are exposed to increasingly sophisticated and targeted attacks. To protect themselves, users need to encrypt their data and communications with their own keys that they created and stored offline. One of the solutions that can help them achieve this is EviCypher NFC HSM technology by Freemindtronic.

The Reality of Security Breaches in Communication Systems

However, we wanted to highlight a disconcerting reality: users often found themselves defenseless against the hidden dangers of communication vulnerabilities in 2023 that festered beneath the surface for long periods of time. Unaware of these current, imminent or future risks, they unwittingly provided gateways to espionage activities, whether motivated by legitimate or malicious intentions. These vulnerabilities enabled a relentless cycle of cyber victimization, perpetuating the very threats they aimed to mitigate.

For example, iCloud Email operated without end-to-end encryption from its launch in 2011 until December 2022 – a troubling reality that put users in a vulnerable position, their security at the mercy of external factors they could not control.

Another example, several reports by the Citizen Lab have revealed the existence and the use of Pegasus spyware developed by the Israeli company NSO Group, which sells its services to governments and private actors to spy on targets around the world. Moreover, several investigations by the consortium Forbidden Stories have revealed that more than 50,000 phone numbers have been selected as potential targets by NSO Group’s clients, including heads of state, journalists, human rights activists, etc.

Among the most recent examples of these vulnerabilities, we can mention the cyberattack against the US State Department, which was attributed to hackers linked to China.

Chinese hackers hacked 60,000 emails from the US State Department

In March 2023, Chinese hackers hacked 60,000 emails from the US State Department. Some of them were very sensitive to national security and foreign affairs. They used a Microsoft Exchange flaw named Log4Shell. This vulnerability allows hackers to remotely execute malicious code on servers that use this software. It affects millions of servers worldwide. Senator Mark Warner revealed the attack and criticized the lack of transparency and security of the State Department. He called for strengthening cooperation between government agencies and the private sector to cope with cyberthreats. This attack is part of a context of rising tensions between the US and China, who accuse each other of espionage and sabotage on cyberspace.

The other sensitive organs targeted by the attack

Besides the State Department emails, the attack also targeted other sensitive organs, such as:

  • The Bureau of the Coordinator for Cyber Issues, which is responsible for coordinating the State Department’s efforts to prevent and respond to cyberattacks.
  • The Bureau of Consular Affairs, which is in charge of issuing passports and visas, as well as protecting US citizens abroad.
  • The Bureau of Intelligence and Research, which provides analysis and assessments on foreign policy and national security issues.

These sensitive organs hold confidential or personal information that could be used by the Chinese hackers for espionage, blackmail or sabotage. For example, the hackers could access the biometric data of visa applicants, the reports of intelligence agents or the action plans in case of crisis.

The security flaw exploited by the Chinese hackers

The most serious thing is that some servers that were hacked by the Chinese had not been updated with the patch released by Microsoft on December 10, 2022. This shows that the updates are not automatic and that they have to be installed manually. This also shows the lack of responsiveness and vigilance of the IT security managers. They let the Chinese hackers exploit this flaw before it was fixed by Microsoft, who released security updates. Indeed, this cyberattack shows the vulnerability of communication systems and the need to protect them effectively.

A Case of Satellite Messaging Security Vulnerability

Satellite messaging is a means of communication that allows the transmission of electronic messages or calls via a network of artificial satellites. It is used by professionals and individuals in areas with no cellular coverage or those seeking discreet communication. However, satellite messaging is not immune to security vulnerabilities that can compromise data confidentiality and integrity.

In September 2023, a team of cybersecurity researchers uncovered a significant security vulnerability in the Bullitt satellite messaging service. This vulnerability allowed hackers to read and modify messages sent and received by users, as well as access their personal information, including GPS coordinates and phone numbers. Hackers could also impersonate users by sending messages on their behalf. The vulnerability was found in the PubNub-Kotlin API used by the Bullitt Messenger app to manage communication between devices and the service’s servers. Despite alerting Bullitt, the service provider, about this vulnerability, the researchers received no satisfactory response.

This security flaw poses a high risk to satellite messaging users, as their data can be exposed or manipulated by hackers.

Security Vulnerabilities in Communication Systems: A Closer Look

2023 Security Flaws in Communication Channels is a paramount concern for individuals and organizations across the globe. Hackers frequently exploit vulnerabilities within communication protocols and services to launch attacks that can compromise data confidentiality, integrity, and availability. To illustrate the magnitude and gravity of this issue, we have compiled statistics based on our web research:

Security Vulnerabilities in Emails

Emails serve as a central vector for cyberattacks, representing a significant portion of security incidents, with up to 91% of reported incidents, as per cybermalveillance.gouv.fr. Among these email-targeted threats, ransomware attacks are the most prevalent, comprising 25% of reported security incidents. Additionally, it’s striking to note that 48% of malicious files attached to emails are Microsoft Office documents. These statistics underscore the critical importance of implementing robust security measures for emails to guard against evolving threats.

Furthermore, an analysis conducted by the Verizon Data Breach Investigations Report for 20232 highlights that emails remain the primary variety of malicious actions in data breaches, underscoring their continued relevance as a vector for cyberattacks.

However, it is essential to note that email-specific vulnerabilities can vary based on factors such as email protocol vulnerabilities, server configuration errors, human mistakes, among others.

Security Vulnerabilities in Encrypted Messaging Services

Encrypted messaging services like Signal, Telegram, or WhatsApp are not immune to security vulnerabilities, which can compromise message and file confidentiality, integrity, and availability. In March 2023, Cellebrite, an Israeli data extraction company, claimed to have successfully decrypted messages and files sent via Signal. In June 2023, Google disclosed a vulnerability in its RCS service that allowed hackers to send fraudulent messages to Android users, containing malicious links redirecting victims to compromised websites.

Security Vulnerabilities in Communication Protocols

Communication protocols such as SMTP, RCS, or SMS are also susceptible to security vulnerabilities that can enable hackers to intercept, modify, or spoof messages and calls. SS7 vulnerabilities involve attacks exploiting the vulnerabilities of the SS7 protocol, used to establish and terminate telephone calls on digital signaling networks. These attacks can allow hackers to intercept, modify, or spoof voice and SMS communications on a cellular network. In January 2023, a hacking group named Ransomware.vc launched a data extortion campaign targeting organizations using the Progress MOVEit file transfer tool. The hackers exploited an SS7 vulnerability to intercept verification codes sent via SMS to MOVEit users, gaining access to sensitive data. In February 2023, the Ukrainian power grid was hit by a new malware called Industroyer2, attributed to Russian hackers. The malware used an SS7 vulnerability to take control of network operator phone calls, disrupting electricity distribution in the country. In March 2023, Samsung suffered a data breach that exposed the personal and financial information of millions of customers. The breach was caused by an SS7 vulnerability that allowed hackers to access SMS messages containing online transaction confirmation codes.

An Overview of Security Vulnerabilities in Communication Systems

Communication systems exhibit various vulnerabilities, with each element susceptible to exploitation by hackers. These weaknesses can have severe consequences, including financial losses, damage to reputation, or national security breaches.

  • Protocols: Communication protocols, like Internet Protocol (IP), Simple Mail Transfer Protocol (SMTP), Signaling System 7 (SS7), and Rich Communication Services (RCS), can contain security vulnerabilities. These vulnerabilities enable hackers to intercept, modify, or spoof communications on the network. For instance, an SS7 vulnerability allows hackers to eavesdrop on phone calls or read SMS messages on a cellular network.
  • Services: Network services, such as messaging, cloud, streaming, or payment services, possess their own vulnerabilities. These vulnerabilities may permit hackers to access, modify, or delete data within the service. For instance, a vulnerability in an encrypted messaging service enables hackers to decrypt messages or files sent via the service.
  • Applications: Software applications, including web, mobile, desktop, or IoT applications, are prone to security vulnerabilities. These vulnerabilities empower hackers to execute malicious code on a user’s device or gain control of the device itself. For example, a vulnerability in a web application allows hackers to inject malicious code into the displayed web page.
  • Devices: Physical devices, such as computers, smartphones, tablets, or IoT devices, feature their own set of security vulnerabilities. These vulnerabilities can enable hackers to access the device’s data or functionalities. For instance, a vulnerability in a smartphone grants hackers access to the device’s camera, microphone, or GPS.

In conclusion, the multitude of security vulnerabilities in communication systems presents a significant challenge to all stakeholders. Protecting against these vulnerabilities and enhancing cybersecurity is essential to safeguard sensitive data and infrastructure.

How communication vulnerabilities exposed millions of users to cyberattacks in the past years

Communication is essential for our personal and professional lives, but it also exposes us to cyber threats. In the past years, hackers exploited the hidden dangers of communication vulnerabilities to steal data, disrupt services, and spy on users. These vulnerabilities affected software and services widely used, such as Log4j, Microsoft Exchange, Exim, Signal, Telegram, or WhatsApp. Some of these vulnerabilities have been fixed, while others remain active or in progress. The following table summarizes the main communication vulnerabilities in the past years, their impact, and their status.

Name of the breach Type of breach Impact Status Date of discovery Date of patch
Log4j Command injection Control of servers and Java applications Fixed November 24, 2021 December 18, 2021
Microsoft Exchange Remote code execution Data theft and backdoor installation Fixed March 2, 2021
Exim Multiple vulnerabilities Control of email servers June 5, 2020
Signal Denial of service Blocking of messages and calls Fixed May 11, 2020 May 15, 2020
Telegram Deserialization Access to messages and files Fixed January 23, 2021
WhatsApp QR code spoofing Account hacking Fixed October 10, 2019
File-based XSS Code injection Execution of malicious code in the browser Not fixed December 17, 2020 N/A
RCS QR code spoofing Interception, modification or spoofing of messages and calls Not fixed June 17, 2020 N/A
SMS SIM swap fraud Account takeover and identity theft Active or in progress
MMS Stagefright vulnerability Remote code execution and data theft Fixed July 27, 2015 August-September 2015
SolarWinds Orion Supply chain compromise Data theft and backdoor installation Fixed December 8, 2020 February 25, 2023
API PubNub-Kotlin Privilege escalation by deserialization of untrusted data Arbitrary command execution on SolarWinds Platform website Fixed February 8, 2022 April 19, 2023
SS7 Multiple vulnerabilities Data theft, interception, modification or blocking of communications, location tracking or spoofing, fraud Active or in progress 2014 N/A

This table provides a concise overview of the hidden dangers of communication vulnerabilities in 2023, their types, impacts, and current statuses.

EviCypher NFC HSM: The technology that makes your communications invulnerable to security breaches

Security vulnerabilities in the means of communication pose a high risk to users, including satellite messaging, as their data can be exposed or manipulated by hackers. Therefore, effective protection against this threat is essential. This is precisely where the EviCypher NFC HSM technologies mentioned in this article come in as an innovative and secure solution.

EviCypher NFC HSM Technology for Messaging Protection

EviCypher NFC HSM technology is a solution that enables contactless encryption and decryption of data using an NFC card. It employs a hardware security module (HSM) that securely stores encryption keys. It is compatible with various communication services, including emails, SMS, MMS, satellite messaging, and chats.

To use EviCypher NFC HSM technology, simply pair the NFC Card, to an NFC-enabled Android phone and activate it with your fingerprint. Messages sent and received through messaging services are encrypted and decrypted using the NFC card. Only the card owner can access their messages and files. No one can intercept or alter them, even if the  service is compromised by a security vulnerability.

EviCypher NFC HSM technology offers optimal protection for commincation, ensuring data confidentiality and integrity. It also safeguards against other types of security vulnerabilities that may affect communication methods, such as Log4Shell or SolarWinds. It is a simple, effective solution that requires no change in user habits.

What is EviCypher NFC HSM technology?

EviCypher NFC HSM technology is a contactless encryption technology that uses hardware security modules (HSM) devices that communicate via NFC (Near Field Communication) protocols. These devices are EviTag and Evicard, which are small and portable devices that can be attached to a keychain or a card holder. They allow users to store and manage their keys and secrets securely, without relying on third-party services or cloud storage.

How does EviCypher NFC HSM technology work?

EviCypher NFC HSM technology works by encrypting and decrypting data and communications with the user’s own keys that they created and stored offline. The user can use the devices for various applications, such as encrypting emails, messages or files.

To use NFC HSMs, the user must first pair it with their phone. He chooses the option of encryption or decryption on his phone, writes or reads his messages on his phone. Encryption and decryption operations are performed from the NFC HSM itself, without exposing keys or secrets to the phone. The same operation is available on computer via a phone-paired web extension and using the NFC HSM.

Why is EviCypher NFC HSM technology secure and reliable?

EviCypher NFC HSM technology is integrated into a hardware security module that stores encrypted secrets, such as encryption keys, in the highly secure NFC eprom memory. It enables to encrypt contactless communications upstream, in post-quantum AES 256, before sending them. It is thus secure and reliable, because it encrypts the data before transmitting them without ever keeping the message in plain text.

How can EviCypher NFC HSM technology protect you from security breaches?

EviCypher NFC HSM technology can protect you from security breaches by encrypting your data and communications in advance in volatile memory before sending them encrypted without ever keeping the message in clear automatically destroyed and replaced by its encrypted version in AES 256 symmetry considered post quantum. Thus, even if there are security flaws the messages and emails and their attachments remain always encrypted. This can be done from an Android NFC phone and/or from the Freemindtronic extension.

This way, you can avoid being exposed to past, present or future security vulnerabilities, since the encryption is done on the device itself, without exposing the keys or secrets to the phone or computer. Even if your phone or computer is compromised by a hacker or a spyware, they cannot access your data or messages in clear text. Only you can decrypt them with your device and your PIN code.

EviCypher NFC HSM technology is an innovative solution that offers a high level of security and privacy for your communication systems. It is developed by Freemindtronic, an Andorran company specialized in NFC security. It is based on EviCore NFC HSM technology, which is a hardware security module that combines hardware encryption and NFC communication protocols.

In conclusion, the EviCypher NFC HSM technology is integrated into a hardware security module that stores encrypted secrets, such as encryption keys, in the highly secure NFC eprom memory. It allows to encrypt contactless communications upstream, in post-quantum AES 256, before sending them. It is thus secure and reliable, because it encrypts the data before transmitting them without ever keeping the message in plain text.

DataShielder HSM Fortress Award 2023: Andorran Data Encryption Solution

DataShielder HSM, FullSecure's Andorran solution featuring Freemindtronic technologies, wins the 2023 Fortress Award

DataShielder HSM, Fullsecure’s Andorran data encryption solution featuring Freemindtronic technologies, wins the 2023 Fortress Award

We are proud to announce that our Andorran DataShielder HSM solution from Fullsecure, developed by Freemindtronic, has won the Fortress 2023 Cyber Security Award in encryption in the product and service category. This award, awarded by the Business Intelligence Group, recognizes the excellence and innovation of companies around the world, products and people in the field of cybersecurity. DataShielder HSM from Fullsecure is a serverless encryption solution that uses EviCore HSM OpenPGP technology from Freemindtronic. This technology creates Hybrid Hardware Security Modules (H-HSM) on any device, such as computers, phones, cloud storage, HDs, SSDs, SD cards, and USB media. By combining hardware and software, the hardware securely stores keys, ensuring high-level security, while the software handles encryption and signing. This hybrid approach leverages the strengths of both components, providing robust security and flexibility.

DataShielder HSM is an innovative solution that manages and generates various types of tokens (identifiers, passwords, certificates, encryption keys, etc.) on any medium, whether connected or not. It offers high security and performance by encrypting, signing, and authenticating data with keys stored in self-created secure hardware modules. DataShielder HSM transforms any device into a Hardware Security Module (HSM) without the need for servers or databases, ensuring total anonymity, untraceability, and undetectability. The DataShielder HSM range is a comprehensive ecosystem that addresses numerous safety and cybersecurity needs, particularly in mobility.

DataShielder HSM also incorporates the EviSign technology developed by Freemindtronic, which allows electronically signing documents with a legally recognized value. EviSign uses the OpenPGP protocol to ensure the integrity, authenticity and non-repudiation of signatures. EviSign is compatible with all document formats (PDF, Word, Excel, etc.) and can be used with any NFC reader or smartphone.

The Fortress 2023 Cyber Security Award acknowledges the work and expertise of Freemindtronic, who offers innovative and adapted solutions to the current and future challenges of cybersecurity. Freemindtronic is proud of this distinction and thank the jury of the contest as well as their customers and partners for their trust and support.

DataShielder HSM was presented in a Dual-Use version in June 2022 at Coges Eurosatory (https://www.eurosatory.com), the international defense and security exhibition. This version allows DataShielder HSM Hybrid Encryption Solutions to be used for both civil and military applications, offering a level of protection adapted to each context. The Dual-Use version of DataShielder HSM will soon be available in a civilian version by the end of October 2023, to meet the growing demand from individuals and professionals keen to protect their sensitive data.

We are very proud that DataShielder HSM from Fullsecure has been awarded the Fortress Cyber Security Award 2023”, said Christine Bernard, director of Fullsecure. “Our solution provides an innovative and adapted response to the current and future challenges of cybersecurity. We thank the Business Intelligence Group for this distinction, as well as our customers and partners for their trust and support.

“We are also very happy to be the first Andorran company to have applied for the Fortress Cyber ​​​​Security Award created in 2018 by the Business Intelligence Group. The Business Intelligence Group is an organization that recognizes true talent and superior performance in the business world. Its Fortress Cyber ​​Security Award aims to identify and recognize the world’s leading companies and products working to protect our data and electronic assets against a growing threat from hackers.”

Fortress Cyber security Award 2023 logo
Dylan DA COSTA FERNANDES gerent programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Eric Casanova programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Hugo Goncalves Oliveira co-gerent programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Alex Garcia Sanchez programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Adrian Serrano Gómez programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Victor Gil Feliu programador de DataShielder HSM a Freemindtronic premi Fortress Cybersecurity award 2023
Jacques Gascuel Inventor de datashielder HSM CEO de Freemindtronic Andorra el Premi Fortress 2023 cat

DataShielder HSM OpenPGP: Una solució de xifratge 100% andorrana

En resum, DataShielder HSM OpenPGP és una solució innovadora que permet crear mòduls de seguretat hardware (HSM) en qualsevol tipus de suport (ordinador, telèfon, núvol, HD, SSD, SD, clau USB) per xifrar i signar qualsevol tipus de dada. Aquesta solució utilitza la tecnologia EviCore HSM OpenPGP desenvolupada per Freemindtronic, una empresa andorrana titular de patents internacionals i líder en les tecnologies NFC HSM. Aquesta tecnologia ofereix un alt nivell de seguretat i rendiment.

Es tracta del primer producte dedicat a la gestió de claus de xifratge i de xifratge per HSM 100% andorrà. En efecte, l’equip de desenvolupament de DataShielder HSM OpenPGP és 100% d’una formació de la Universitat d’Andorra, l’única universitat pública del país. La Universitat d’Andorra és reconeguda per la seva excel·lència acadèmica i la seva recerca innovadora en els àmbits de les ciències, l’enginyeria i les tecnologies de la informació. L’equip de desenvolupament de DataShielder HSM OpenPGP va ser coordinat per un enginyer de programari de la Universitat Politècnica de Catalunya (UPC) i professor de la Universitat d’Andorra. Això fa de DataShielder HSM OpenPGP el primer sistema de xifratge d’origen andorrà a haver rebut un premi internacional, el “Fortress Cybersecurity Award”.

Aquesta solució testimonia el saber fer i el potencial d’Andorra en el camp de la ciberseguretat i el xifratge de les dades. DataShielder HSM OpenPGP és una solució que respon a les necessitats actuals i futures de les empreses i els particulars que volen protegir les seves dades sensibles al núvol o als sistemes informàtics, oferint una nova solució en el camp de la sobirania de les dades.

You will soon be able to learn more about the DataShielder HSM product line at Fullsecure. Without waiting you can already learn more about the Freemindtronic technologies embedded in DataShielder HSM, by clicking on the following links:

To learn more about the Fortress 2023 Cyber Security Award and other winners, you can visit the following sites:

Premsa Nacional d’Andorra:

DataShielder HSM de la revista de tecnologia Freemindtronic Fullsecure i incrustada Bondia 29 de setembre de 2023
Diari Andorra dijous 5 octubre del 2023: Fullsecure Guanya el Premi Fortress Andorra national press

News provided by Fortress® Cybersecurity Award 2023 from Business Intelligence Group

The Business Intelligence Group was founded with the mission of recognizing true talent and superior performance in the business world. Unlike other industry award programs, these programs are judged by business executives having experience and knowledge. The organization’s proprietary and unique scoring system selectively measures performance across multiple business domains and rewards those companies whose achievements stand above those of their peers.

May 31, 2023 Related Link: https://www.bintelligence.com/posts/105-people-companies-and-products-named-in-2023-fortress-cyber-security-awards

2023 Awards Fortress Cyber Security Award

DataShielder HSM Fortress Award 2023: Andorran Data Encryption Solution

2022 Awards Cybersecurity EviCypher Technology

Gold Globee Winner 2022 Cyber Computer NFC

Awards CES Awards Keepser New

Keepser Group Award CES 2022

2022 Events EviCypher NFC HSM Exhibitions Licences Freemindtronic NFC Contactless

Secure Card CES 2022

2021 Cybersecurity Distinction Excellence EviCypher Technology finalists

E&T Innovation Awards Cybersecurity

2021 Awards Communications Distinction Excellence EviCypher Technology finalists IT

E&T Innovation Awards Communications & IT

2021 Distinction Excellence The National Cyber Awards

Highly Commended at National Cyber Awards: Freemindtronic’s 2021 Success

2021 Awards Distinction Excellence finalists

Finalists The National Cyber Awards 2021

Awards Cyberculture EviCypher Technology International Inventions Geneva NFC HSM technology

Geneva International Exhibition of Inventions 2021

Awards Global Infosec Awards News Press

List of Winners Global Infosec Awards 2021

2021 Awards International Inventions Geneva

EviCypher Gold Medal 2021 of the Geneva International Inventions

2017 Awards Embedded System Awards IoT

Award 2017 MtoM & Embedded System & IoT

2017 Cybersecurity finalists

Award FIC 2017 10th Most innovative international startup

2015 finalists NFC Contactless

Finalist Contactless Services Challenge

2015 Awards Distinction Excellence EviKey & EviDisk

FIC 2015 Distinction Excellence 19th Most innovative international startup

2014 Awards Embedded System Awards EviKey & EviDisk News

The story of the first NFC hardened USB stick EviKey

2014 Awards Electronics Embedded System Awards EviKey & EviDisk

Embedded Trophy 2014 Freemindtronic

To improve in English: If you want to download images, Freemindtronic logo, you can access the Freemindtronic media kit, which contains various files and information related to the company and its products or awards. You will find the link to the media kit at the end of this article. In addition, if you prefer to read this article in another language, or download the press release, you can choose from the following options:

  • Download the press release in English by clicking here
  • Llegeix aquest article en català clica aquí

We hope you enjoyed this article and that you learned something interesting about Freemindtronic and its innovative technology.

[Kit de mitjans de Freemindtronic]

Protect Your Data from AMOS Malware

AMOS malware protection with Keepser NFC Cold Xallet


AMOS Malware Protection by Jacques gascuel
This article will be updated with any new information on the topic, and readers are encouraged to leave comments or contact the author with any suggestions or additions.
Related topic :
CryptBot malware

Protect Your Mac from AMOS Malware

Are you worried about the threat of AMOS malware on your Mac? Keep your data safe with Keepser Cold Wallet. Learn how this technology can protect your sensitive information from this dangerous malware.

2024 Cyberculture Legal information

ePrivacy Regulation: Transforming Messaging Privacy in 2025

2024 Articles Technical News

Best 2FA MFA Solutions for 2024: Focus on TOTP & HOTP

2024 Articles Cyberculture Legal information

ANSSI Cryptography Authorization: Complete Declaration Guide

2024 Articles Technical News

New Microsoft Uninstallable Recall: Enhanced Security at Its Core

2024 Articles Cyberculture

EAN Code Andorra: Why It Shares Spain’s 84 Code

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Articles Cyberculture legal Legal information News

End-to-End Messaging Encryption Regulation – A European Issue

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking

AMOS Malware Protection with Keepser Cold Wallet

The Threat of AMOS Malware on macOS

AMOS malware is a growing threat to macOS users. Hackers are marketing a new malware for the macOS operating system. Named Atomic Macos Stealer or AMOS, this malicious software is designed to steal user data for $1,000 per month. It extracts passwords from the keychain, steals files on disks, cookies, as well as cards and identification information stored in the browser and tries to extract data from 50 different cryptocurrency wallets. Buyers also benefit from a complete web dashboard to brute force MetaMask.

How AMOS Malware Works

AMOS is capable of accessing iCloud keychain passwords, system information, files from the desktop and documents folder, as well as the Mac password. It is able to infiltrate applications such as Chrome and Firefox and extract autofill information, passwords, cookies, wallets and credit card information. Cryptocurrency wallets such as Electrum, Binance and Atomic are specific targets.

The malware is being propagated using an unsigned disk image file called Setup.dmg. Once executed, the file prompts the victim to enter their system password on a bogus prompt. This allows the malware to escalate privileges and carry out its malicious activities. This technique is similar to that used by other macOS malware, such as MacStealer.

How to Protect Against AMOS Malware

The increase in the deployment of macOS stealer malware by non-state actors highlights the need for users to be cautious when downloading and installing software. The cybersecurity industry recommends that users only download and install software from trustworthy sources, enable two-factor authentication, review app permissions, and refrain from opening suspicious links received via email or SMS messages.

The Solution: Keepser Cold Wallet with EviVault Technology

However, there is a solution to protect your sensitive data against AMOS malware. For only €387, you can purchase two NFC Cold Wallet Keepser from Keepser Group with EviVault technology from Freemindtronic SL. These wallets allow you to store offline and physically externalized from macOS and/or PC computers the private keys and/or seed phrases of cryptocurrency wallets as well as identifier and password pairs. Thus, it will simply be impossible to extract sensitive data from a computer that is not physically present in these computers, even for this AMOS malware.

By using EviVault NFC Cold Wallet technologies from Freemindtronic embedded in Keepser products, you can protect your sensitive data against malware attacks such as AMOS or Cryptbot. These wallets also work on macOS, providing additional protection to Mac users.

The Benefits of EviVault Technology

Thanks to EviVault technology developed by Freemindtronic, the Keepser Cold Wallet is a unique ultra-secure cold storage solution for cryptocurrency wallets, offering anonymous, offline and contactless use via NFC technology, as well as compatibility with NFC Android phones and computer systems via a browser extension.

It’s like they say: “Why pay €1,000 per month to steal sensitive data when you can pay €387 one shot for AMOS malware protection without subscription to protect against it (and other malware like Cryptbot)!” 😉

It is important to take seriously the threats posed by malware such as AMOS and to take the necessary measures to protect your sensitive data. By using advanced technologies such as EviVault NFC Cold Wallet from Freemindtronic embedded in Keepser products, you can ensure that your data is secure.

This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.