Sources tell KrebsOnSecurity thatMicrosoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. 14, the first Patch Tuesday of 2020.

According to sources, the vulnerability in question resides in a Windows component known as crypt32.dll, a Windows module that Microsoft says handles certificate and cryptographic messaging functions in the CryptoAPI. The Microsoft CryptoAPIprovides services that enable developers to secure Windows-based applications using cryptography, and includes functionality for encrypting and decrypting data using digital certificates.

A critical vulnerability in this Windows component could have wide-ranging security implications for a number of important Windows functions, including authentication on Windows desktops and servers, the protection of sensitive data handled by Microsofts Internet Explorer/Edge browsers, as well as a number of third-party applications and tools.

Equally concerning, a flaw in crypt32.dll might also be abused to spoof the digital signature tied to a specific piece of software. Such a weakness could be exploited by attackers to make malware appear to be a benign program that was produced and signed by a legitimate software company.

This component was introduced into Windows more than 20 years ago back in Windows NT 4.0. Consequently, all versions of Windows are likely affected (including Windows XP, which is no longer being supported with patches from Microsoft).

Microsoft has not yet responded to requests for comment. However, KrebsOnSecurity has heard rumblings from several sources over the past 48 hours that this Patch Tuesday (tomorrow) will include a doozy of an update that will need to be addressed immediately by all organizations running Windows.

Update 7:49 p.m. ET: Microsoft responded, saying that it does not discuss the details of reported vulnerabilities before an update is available. The company also said it does not release production-ready updates ahead of regular Update Tuesday schedule. Through our Security Update Validation Program (SUVP), we release advance versions of our updates for the purpose of validation and interoperability testing in lab environments, Microsoft said in a written statement. Participants in this program are contractually disallowed from applying the fix to any system outside of this purpose and may not apply it to production infrastructure.

Original story:

Will Dormann, a security researcher who authors many of the vulnerability reports for the CERT Coordination Center (CERT-CC), tweeted today that people should perhaps pay very close attention to installing tomorrows Microsoft Patch Tuesday updates in a timely manner. Even more so than others. I dont knowjust call it a hunch? Dormann declined to elaborate on that teaser.

It could be that the timing and topic here (cryptography) is nothing more than a coincidence, but KrebsOnSecurity today received a heads up from the U.S. National Security Agency (NSA) stating that NSAs Director of Cybersecurity Anne Neuberger is slated to host a call on Jan. 14 with the news media that will provide advanced notification of a current NSA cybersecurity issue.

The NSAs public affairs folks did not respond to requests for more information on the nature or purpose of the discussion. The invitation from the agency said only that the call reflects NSAs efforts to enhance dialogue with industry partners regarding its work in the cybersecurity domain.

Stay tuned for tomorrows coverage of Patch Tuesday and possibly more information on this particular vulnerability.

Tags: Anne Neuberger, CERT Coordination Center, CERT-CC, crypt32.dll, microsoft, Microsoft CryptoAPI, national security agency, nsa, Patch Tuesday January 2020, Will Dormann, windows

This entry was posted on Monday, January 13th, 2020 at 5:17 pmand is filed under Time to Patch.You can follow any comments to this entry through the RSS 2.0 feed.You can skip to the end and leave a comment. Pinging is currently not allowed.

Link:
Cryptic Rumblings Ahead of First 2020 Patch Tuesday - Krebs on Security

In a post on the ConsenSys site published on last week, one of the co-founders of ConsenSys, also a managing partner at DARMA Capital, Andrew Keys, shared his predictions about numerous issues that are important to the world today. Ethereum next generation is on its way.

According to Andrew Keys, with the current state of development, Ethereums Serenity will launch by the end of this year, 2020 will see Ethereum move stridently beyond Phase 0 of Ethereum 2.0, onto Phase 1 and the launch of shard chains, according to Keys.

The recent Istanbul hard fork which introduced several improvements and adjustments was the last stage in Ethereum 1.0.

There are some of the core Ethereum Improvement Proposals (EIPs) that went into the upgrade, were closely related to Zcash (ZEC). EIP-152 improved interoperability with the actual Zcash blockchain, and EIP-1108 made optimizations for cryptography routines leveraged by projects such as Aztec and Zether.

The same powering Zcash shielded transactions, SNARK zero-knowledge technology is used in Aztec Protocol to introduce confidential transactions within the Ethereum (ETH) blockchain.

On a basic level, SNARKs Zk Sync technology would allow offloading of the majority of transactional computations off-chain by using a zero-knowledge proof to guarantee their correct execution. Matter Labs is attempting to leverage SNARKs. Meanwhile, Plasma is focusing on creating sidechains for specific use cases.

CEO of ConsenSys Joseph Lubin explained in a 2019 interview with Cointelegraph:

Plasma is this class of technologies that enable you to have less decentralized platforms sitting at layer two in the Ethereum ecosystem. They can benefit from the full trust in some cases sometimes they benefit from partial trust but if they're linked in really rigorously, they can benefit from the full trust of the base trust layer, and you can get the best of both worlds.

However, these technologies have not yet appeared, and only Aztec is expected to launch its cryptography engine this month. In a blog post, Matter Labs revealed that it would launch a smart contract framework this month, but not the full scaling technology.

A non-profit research group, Plasma Group, stated that their theoretical work on the technology is complete, but the group failed to indicate specific implementations underway.

When asked by Cointelegraph whether 2020 will feature working sidechain solutions, Afri Schoeden, a former Parity Technologies developer replied:

No. We will see COSMOS maturing, Polkadot launching maybe, and Ethereum 2.0 finally taking shape. But we are still far away from viable solutions that would work in production.

While progress may not be as quick as some would hope, Ethereum is demonstrating that crypto technology can grow to tackle new challenges. 2020 promises to be an existing year for crypto, and Ethereum in particular.

Original post:
ConsenSys Co-Founder says Ethereum 2.0 will be launched in 2020 - BitBoy Crypto

Ritika Sharma Monday, 13 January 2020, 03:49 EST Modified date: Monday, 13 January 2020, 05:00 EST

Quantum computing whenever hit the headlines left not just Bitcoin holders but also every Cryptocurrency holder worried about the uncertainty around their holdings.

It widely believed that the underlying technology of Bitcoin, Blockchain is immutable, meaning it cannot be changed or encrypted without authority over encryption keys.

However, with quantum computers, it is possible to break a blockchains cryptographic codes. Quantum computing can hit the most significant features of Blockchain like unchangeable data, unalterable, and security making it vulnerable.

Google has achieved quantum supremacy as of late 2019, which poses a threat to Bitcoin. It will be a threat to Blockchain, as quantum computing will affect one blockchains key features like inalterability and security, thus making Blockchain as highly vulnerable technology.

Later, china Joined Google in the quantum supremacy Race and announced working on quantum technology. With this, the year 2020 might witness the end of the Crypto Era.

How can Quantum computing break the Blockchain?

The reason behind this fear is quite genuine and straightforward: Bitcoin or any Cryptocurrency depends on cryptography, hash functions, and asymmetric cryptographic number mainly relies on the computing power of computers. The hash function calculates a random number for each block.

The results obtained by this process are effortless to verify, but challenging to find. However, quantum computing has powerful algorithmic capabilities, which is precisely the enemy of this key.

Quantum computing uses subatomic particles, which will be available in more than one state at one time. This feature makes Quantum computing faster than the technology we use today.

Quantum computers can work 100 million times faster than current systems; the computational power is capable of solving any complex mathematical equation in a matter of a few seconds, which current systems take 10,000 years to solve.

With such super computational powers, Quantum computers is capable of calculating the one-way functions that will make one-way encryption obsolete.

The risk over Blockchain is more if it gets in the wrong hands. Hackers with a quantum computer can hack the Cryptocurrency ledger and take complete control of Blockchain.

Will Googles Quantum computing wipe out your Bitcoins?

Googles quantum Supremacy only to traditional computers on classical problems; this isnt actual quantum technology. It was presented bluntly as, quantum supremacy, though it is just a step in the world of quantum computing space.

Even if Googles quantum computer demonstrates, its computing power on specific problems far exceeds the best performing supercomputing. The results of this research by Google do not have much meaning in terms of Bitcoin. This isnt even near to what we can call breaking Bitcoin or Blockchain.

However, Googles quantum supremacy does not pose any threat to Bitcoin; many people in the space still stressed about quantum threat theory. Many analysts claim that the quantum algorithm used by Shor can crack private keys, but again, there Is a long way to go before it could break bitcoins Blockchain.

According to researchers, a quantum computer with 4,000 qubits is undoubtedly able to break the Blockchain. Still, googles the quantum computer has only 53 qubits, which cannot cause any harm to Blockchain, and it is worth mentioning that The higher the qubit, the more difficult it becomes.

Satoshi Nakamotos Proposed solution to beat Quantum Supremacy

Satoshi was a true visionary, the things we are concerned about today, and had already been answered by him. In 2010, satoshi Nakamoto responded to the question about quantum computers by username llama on bitcoin talk.

He replied that If Bitcoin suddenly cracked, the signature will be destroyed; but if it is slowly changed, the system still has time to convert to a stronger function, and Re-sign all your assets. Another cruder answer to this question suggested by the author of Mastering Bitcoin, Andreas Antonopoulos, If the quantum computer comes, we will upgrade.

The Quantum supremacy threat isnt new to the crypto world, and many cryptocurrency projects such as Ethereum, quantum chains, etc., focused on making blockchain quantum resistance, experts in Cryptocurrency space also advocating the development of quantum encryption technology to ensure the security of funds.

Unless a threat of Actual Quantum computing of far more powerful processor explodes, Bitcoin and its developers still have time to secure it. With the continuous development in Quantum technology and the development of more qubit chips, still, there will be the sword of Damocles hanging on the head of the cryptocurrency.

Read the original here:
Googles Quantum Supremacy will mark the End of the Bitcoin in 2020 - The Coin Republic

Blockchain in Retail Market by Component (Platform and Services), Application (Compliance Management, Identity Management, Loyalty and Rewards Management, Payments & Smart Contracts, Supply Chain Management, and Others), and Organization Size (Large Enterprises and Small & Medium Enterprises): Global Opportunity Analysis and Industry Forecast, 2018-2026

New York, Jan. 13, 2020 (GLOBE NEWSWIRE) -- Reportlinker.com announces the release of the report "Blockchain in Retail Market by Component, Application, and Organization Size : Global Opportunity Analysis and Industry Forecast, 2018-2026" - https://www.reportlinker.com/p05837036/?utm_source=GNW

Blockchain is a solution for majority of the industrial digital concerns such as, supply chain management, transaction speed, compliance management, product security and counterfeiting, transparency, and others. Blockchain as a technology initially was developed to serve as the public transaction ledger for cryptocurrencies, which uses distributed databases and cryptography to record and secure transactions. This characteristic of blockchain provides a high level of security while transmitting and storing data, open and transparent network infrastructure, decentralized ledger, and low cost of operations benefits. Moreover, blockchain in retail is anticipated to change the paper-intensive international trade processes to digital processes.

Factors such as increase in demand for transparent transactions and smart contracts is the key factor driving the market growth for the blockchain in retail industry. In addition, increase in investment by retail industries in blockchain-based solutions is also expected to boost the market growth. Moreover, rise in need to ensure quality, reliability, authenticity, and product safety are also some of the factors fueling the demand for blockchain solutions and services across global retailers. However, scarcity of skilled experts is expected to impede the market growth during the forecast period. Furthermore, rapid changes in the retail industry due to technological advancements and international trade are expected to provide major growth opportunities for the blockchain retail market in upcoming years.

The global blockchain in retail market is segmented based on component, application, organization size, and region. Based on component, the market is bifurcated into platform and services. Based on application, the market is divided into compliance management, identity management, loyalty and rewards management, payments & smart contracts, supply chain management, others. Based on organization size, the market is classified into large enterprises and small & medium enterprises. Based on region, the market is analyzed across North America, Europe, Asia-Pacific, and LAMEA.

The report analyzes the profiles of key players operating in the market. These include Amazon Web Services, Inc. (AWS), Auxesis Services & Technologies (P) Ltd., Bitfury Group Limited, Cognizant, Infosys Limited, International Business Machines Corporation (IBM), Microsoft Corporation, Oracle Corporation, SAP SE, and Tata Consultancy Services Limited.

KEY BENEFITS The report provides an in-depth analysis of the global blockchain in retail market, outlining current trends, key driving factors, and potential areas for product investments. Key players are analyzed with respect to their primary offerings, recent investments, and future development strategies. Porters five forces analysis illustrates the potency of buyers and suppliers operating in the industry. The quantitative analysis of the global blockchain in retail market from 2018 to 2026 is provided to determine the market potential.

KEY MARKET SEGMENTS

BY COMPONENT Platform Services

BY APPLICATION Compliance management Identity Management Loyalty and Rewards Management Payments & Smart Contracts Supply Chain Management Others

BY ORGANIZATION SIZE Large Enterprises Small & Medium Enterprises

BY REGION North America o U.S. o Canada

Europe o UK o Germany o France o Spain o Rest of Europe

Asia-Pacific o China o India o Japan o Australia o Rest of Asia-Pacific

LAMEA o Latin America o Middle East o Africa

KEY MARKET PLAYERS PROFILED IN THE REPORT Amazon Web Services, Inc. (AWS) Auxesis Services & Technologies (P) Ltd. Bitfury Group Limited Cognizant Infosys Limited International Business Machines Corporation (IBM) Microsoft Corporation Oracle Corporation SAP SE Tata Consultancy Services Limited.

Read the full report: https://www.reportlinker.com/p05837036/?utm_source=GNW

About ReportlinkerReportLinker is an award-winning market research solution. Reportlinker finds and organizes the latest industry data so you get all the market research you need - instantly, in one place.

__________________________

Story continues

Clare: clare@reportlinker.comUS: (339)-368-6001Intl: +1 339-368-6001

View post:
Blockchain in Retail Market by Component, Application, and Organization Size : Global Opportunity Analysis and Industry Forecast, 2018-2026 - Yahoo...

Encryption Software Market Overview:

Worldwide Encryption software Market to 2027 research report conveys industry business patterns and the undertaking information, tolerating one to grasp clients and the stock driving gainfulness and yield development. The report highlights information on improvements and Global Encryption software Market trends, drivers, revenue and furthermore available. The market report pulls in the most peculiar bits of knowledge of this business additionally makes Stevia forecast that is important out there. It accompanies estimations concerning the Encryption software advancement, subordinate and draws in the distinguishing proof of their industry status.

Encryption software is program that makes use of cryptography in order to prevent unlawful admission to digital information. Today cryptography is used to protect the digital information on electronic devices as well as the digital information that is sent to other computers over the Internet.

The report aims to provide an overview of Global Encryption Software Market along with detailed segmentation of market by services, deployment type, application, end users and five major geographical regions. Global encryption software market is expected to witness growth during the forecast period due to rising adoption of encryption software in order to boost data proficiency and security.

Get Sample Copy @ https://www.theinsightpartners.com/sample/TIPTE100000523/

Encryption Software Market Analysis:

The report on the area of Encryption software by Insight Partners includes extensive primary research and detailed analysis of the qualitative and quantitative aspects of various industry experts, key opinion leaders, to better understand the performance of the market Encryption software.

The reports cover key market developments in the Encryption software as organic and inorganic growth strategies. Various companies focus on organic growth strategies such as product launches, product approvals and others such as patents and events. The inorganic growth strategy activities observed in the market were acquisitions, partnerships and collaborations. These activities paved the way for an expansion of the businesses and customers of the market players. The market payers of the Encryption software are destined for lucrative growth opportunities in the future with the increasing demand for market Encryption software in the world market.

Market Analysis of Global Encryption software Until 2027 is an in-depth and in-depth study of the technology, media and telecommunications sector, with particular attention to market trend analysis world. The report aims to provide an overview of the Encryption software market with detailed segmentation of the market by component, type of deployment, industry and region. The global Encryption software market is expected to experience strong growth over the forecast period. The report provides key statistics on the state of the main market Encryption software market players and presents key market trends and opportunities.

Research report @ https://www.theinsightpartners.com/reports/encryption-software-market

About Us:

The Insight Partners is a one stop industry research provider of actionable intelligence. We help our clients in getting solutions to their research requirements through our syndicated and consulting research services. We are a specialist in Technology, Healthcare, Manufacturing, Automotive and Defense.

Contact Us:

Call: +1-646-491-9876

Email: [emailprotected]

Continued here:
Encryption Software Market Global Analysis, Share Report, Industry Trends, Demand, Application and Regional Forecast to 2027 - Expert Recorder