The Megamos Crypto transponder is used in one of the most widely deployed electronic vehicle immobilizers. It is used among others in most Audi, Fiat, Honda, Volkswagen and Volvo cars. Such an immobilizer is an anti-theft device which prevents the engine of the vehicle from starting when the corresponding transponder is not present. This transponder is a passive RFID tag which is embedded in the key of the vehicle. In this paper, the authors have reverse-engineered all proprietary security mechanisms of the transponder, including the cipher and the authentication protocol which we publish here in full detail. This article reveals several weaknesses in the design of the cipher, the authentication protocol and also in their implementation.

RSA BSAFE Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C all suffer from various crypto, denial of service, and underflow vulnerabilities.

XMB - eXtreme Message Board version 1.9.11.13 suffers from weak crypto and insecure password storage vulnerabilities.

XOOPS version 2.5.7.2 uses weak one way hash crypto MD5 along with unsalted passwords stored in the database.

RSA BSAFE Crypto-J versions prior to 6.2.2 suffer from improper OCSP validation and PKCS#12 timing attack vulnerabilities.

RSA BSAFE Micro Edition Suite and Crypto-C Micro Edition suffer from resource exhaustion, integer overflow, improper clearing of heap memory, covert timing channel, and buffer over-read vulnerabilities.

RSA BSAFE SSL-J versions prior to 6.2.4 contain a heap inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material. RSA BSAFE SSL-J versions prior to 6.2.4 contain a covert timing channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key. RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a covert timing channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key.

Whitepaper called Android Security Research: Crypto Wallet Local Storage Attack.

The Aastra 6753i IP telephone uses 3DES encrypted payloads in ECB mode to pass configuration files, allowing for modification to the phone's set up.

This is a proof of concept exploit that demonstrates the Microsoft Windows CryptoAPI spoofing vulnerability as described in CVE-2020-0601 and disclosed by the NSA.

As part of the UK Governments’ ongoing programme to implement the European Union’s Fifth Money Laundering Directive (5MLD) in UK law, the FCA will begin supervising Anti Money Laundering and Countering Financing of Terrorism (AML/CFT) co...

James Burnie throws light on the law for the custody of crypto-assets in this exclusive interview with New Money Review. Click here to read the article > This article was written and published by New Money Review Staff on November 25, 2019....

As part of the implementation of the Amending Directive of the Fourth EU Directive on Money Laundering (Directive (EU)2018/843), the German Federal Government has decided to include crypto assets in the list of financial instruments and to regulate ...

Part A: Regulation of crypto assets     Germany

  Summary On 1 November HMRC published its much anticipated guidance on the taxation of cryptoassets for businesses. The guidance sets out HMRC’s view on the taxation of transactions involving cryptoasset exchange tokens (such as Bitcoin)...

  What’s new? On 20 December 2019, HMRC published an updated version of its guidance on the taxation of cryptoassets for individuals. The guidance was updated to include a new section in respect of the location (situs) of exchange tokens ...

The UK's Treasury Select Committee released a report into crypto-assets on 19 September.  The Committee’s key conclusion is that regulation of crypto-assets is necessary. Striking a negative tone, it identifies the problems of volatile pr...

Portugal is setting up a technology free-zone that would support innovations such as blockchain, Artificial Intelligence (AI), big data, and 5G internet. The council of ministers of Portugal announced it was working on a plan to build an innovation hub that would harness emerging technologies in a plan dubbed "Digital Transitional Action Plan.” The “technological free zones,” or zonas livres tecnológicas (ZLTs) in Portuguese would drive the country to facilitate the country’s sustainable development efforts. Lisbon’s approach, according to the...

Crypto Authentication Library

CryptoAuthSSH-XSTK (DM320109) - Latest Firmware

CryptoAuth Trust Platform Firmware

ABSTRACT

Cryptosporidium parvum and Cryptosporidium hominis have emerged as major enteric pathogens of infants in the developing world, in addition to their known importance in immunocompromised adults. Although there has been recent progress in identifying new small molecules that inhibit Cryptosporidium sp. growth in vitro or in animal models, we lack information about their mechanism of action, potency across the life cycle, and cidal versus static activities. Here, we explored four potent classes of compounds that include inhibitors that likely target phosphatidylinositol 4 kinase (PI4K), phenylalanine-tRNA synthetase (PheRS), and several potent inhibitors with unknown mechanisms of action. We utilized monoclonal antibodies and gene expression probes for staging life cycle development to define the timing of when inhibitors were active during the life cycle of Cryptosporidium parvum grown in vitro. These different classes of inhibitors targeted different stages of the life cycle, including compounds that blocked replication (PheRS inhibitors), prevented the segmentation of daughter cells and thus blocked egress (PI4K inhibitors), or affected sexual-stage development (a piperazine compound of unknown mechanism). Long-term cultivation of C. parvum in epithelial cell monolayers derived from intestinal stem cells was used to distinguish between cidal and static activities based on the ability of parasites to recover from treatment. Collectively, these approaches should aid in identifying mechanisms of action and for designing in vivo efficacy studies based on time-dependent concentrations needed to achieve cidal activity.

IMPORTANCE Currently, nitazoxanide is the only FDA-approved treatment for cryptosporidiosis; unfortunately, it is ineffective in immunocompromised patients, has varied efficacy in immunocompetent individuals, and is not approved in infants under 1 year of age. Identifying new inhibitors for the treatment of cryptosporidiosis requires standardized and quantifiable in vitro assays for assessing potency, selectivity, timing of activity, and reversibility. Here, we provide new protocols for defining which stages of the life cycle are susceptible to four highly active compound classes that likely inhibit different targets in the parasite. We also utilize a newly developed long-term culture system to define assays for monitoring reversibility as a means of defining cidal activity as a function of concentration and time of treatment. These assays should provide valuable in vitro parameters to establish conditions for efficacious in vivo treatment.

ABSTRACT

Channelrhodopsins guide algal phototaxis and are widely used as optogenetic probes for control of membrane potential with light. "Bacteriorhodopsin-like" cation channelrhodopsins (BCCRs) from cryptophytes differ in primary structure from other CCRs, lacking usual residues important for their cation conductance. Instead, the sequences of BCCR match more closely those of rhodopsin proton pumps, containing residues responsible for critical proton transfer reactions. We report 19 new BCCRs which, together with the earlier 6 known members of this family, form three branches (subfamilies) of a phylogenetic tree. Here, we show that the conductance mechanisms in two subfamilies differ with respect to involvement of the homolog of the proton donor in rhodopsin pumps. Two BCCRs from the genus Rhodomonas generate photocurrents that rapidly desensitize under continuous illumination. Using a combination of patch clamp electrophysiology, absorption, Raman spectroscopy, and flash photolysis, we found that the desensitization is due to rapid accumulation of a long-lived nonconducting intermediate of the photocycle with unusually blue-shifted absorption with a maximum at 330 nm. These observations reveal diversity within the BCCR family and contribute to deeper understanding of their independently evolved cation channel function.

IMPORTANCE Cation channelrhodopsins, light-gated channels from flagellate green algae, are extensively used as optogenetic photoactivators of neurons in research and recently have progressed to clinical trials for vision restoration. However, the molecular mechanisms of their photoactivation remain poorly understood. We recently identified cryptophyte cation channelrhodopsins, structurally different from those of green algae, which have separately evolved to converge on light-gated cation conductance. This study reveals diversity within this new protein family and describes a subclade with unusually rapid desensitization that results in short transient photocurrents in continuous light. Such transient currents have not been observed in the green algae channelrhodopsins and are potentially useful in optogenetic protocols. Kinetic UV-visible (UV-vis) spectroscopy and photoelectrophysiology reveal that the desensitization is caused by rapid accumulation of a nonconductive photointermediate in the photochemical reaction cycle. The absorption maximum of the intermediate is 330 nm, the shortest wavelength reported in any rhodopsin, indicating a novel chromophore structure.

When transitioning from the environment, pathogenic microorganisms must adapt rapidly to survive in hostile host conditions. This is especially true for environmental fungi that cause opportunistic infections in immunocompromised patients since these microbes are not well adapted human pathogens. Cryptococcus species are yeastlike fungi that cause lethal infections, especially in...

Cushing syndrome results from chronic excessive exposure to glucocorticoids, impacting virtually every organ system with the most dominant effects on fat metabolism, immune function, and musculoskeletal systems. Endogenous Cushing syndrome is rare, most usually due to excess ACTH secretion from pituitary, and less frequently from ectopic tumors. Other cases result from ACTH-independent adrenal overproduction of cortisol.