Velvet CARE has decided to invest in a third Valmet Advantage DCT tissue line for its mill in Osada Klucze The order includes an extensive automation package The target is to meet consumers’ increasing demand for high-quality tissue products with low environmental impact The order is included in Valmet’s orders received of the second quarter 2024 The value of the order will not be disclosed Valmet and Velvet CARE have a strong history of cooperation and Valmet has previously delivered two tissue lines to the same mill “We appreciate Valmet for being an indispensable partner in Velvet CARE’s success The cutting-edge technology and unwavering support have elevated our operations making Valmet an invaluable contributor to our industry leadership We look forward to continued collaboration and shared success,” says Wanda Ciesielczuk “It has been a pleasure to follow Velvet CARE from the start-up of their first Valmet machine They pay attention to all details required to produce premium tissue with high efficiency We are proud to be chosen again as their supplier and look forward to working together to make the new machine as successful as the previous two,” says Joakim Karas Valmet Tissue Performance Center services are also part of the scope The new tissue line will have a design speed of 2,200 m/min and an annual production capacity of 70,000 tons It is optimized to save energy and deliver excellent paper properties Valmet is a leading global developer and supplier of process technologies With our automation systems and flow control solutions we serve an even wider base of process industries Our more than 19,000 professionals around the world work close to our customers and are committed to moving our customers’ performance forward – every day The company has over 220 years of industrial history and a strong track record in continuous improvement and renewal Valmet’s net sales in 2023 were approximately EUR 5.5 billion Valmet’s shares are listed on the Nasdaq Helsinki and the head office is in Espoo Processing of personal data the NBA Finals are here -- and it's a series that will pin some familiar faces against a group with zero experience on the league's biggest stage Despite the offensive strengths of each team, this series will be a defensive clinic on both sides. This is the first Finals to feature the top two teams in defensive efficiency since 1996, when the Chicago Bulls defeated the Seattle SuperSonics Can Jayson Tatum continue knocking off future Hall of Famers in the playoffs Will Curry finally grab that elusive NBA Finals MVP award What are the biggest X factors for each team Our NBA insiders are breaking down the keys to what should be an exhilarating series Note: Series odds provided by ESPN's Basketball Power Index (BPI) and Caesars Sportsbook BPI: 14%Caesars: -160Offensive rating: 112.1 (16th)Defensive rating: 106.6 (second)How they got here: For the first time since 2019 and the sixth time in the past eight seasons But unlike their dynastic run that spanned from 2014 to 2019 the Warriors had the worst record in the NBA they missed the playoffs after losing both play-in games The emergence of Jordan Poole, Andrew Wiggins and Kevon Looney allowed the Warriors to remain in the top three in the Western Conference they were key contributors in getting the Warriors back to the NBA's grandest stage X factor: The health of Gary Payton II The Warriors have barely played with a fully healthy roster. Andre Iguodala has missed the entire postseason so far. Otto Porter Jr. missed three games Gary Payton II has been out since early in the second round But those players will be reintegrated into team practice this week and each could be an important addition to the Warriors' title hopes He emerged this season as a lockdown defender. Early on, he found himself rotational minutes by defending opponents' best players, whether it was a wing player or a big; he even tallied several blocks on the Denver Nuggets' Nikola Jokic in the regular season and playoffs The way Payton has improved his offense has garnered him more minutes from Steve Kerr Payton's performance earned him a starting spot in the Western Conference semifinals before his elbow was fractured on a controversial play with the Memphis Grizzlies' Dillon Brooks Payton's defense will be crucial for the Warriors in the Finals While Golden State is known for its offense the Warriors continuously preach how their defense kick-starts their scoring Payton's presence inside the paint also gives the Warriors more options when looking to go small Payton was averaging 6.1 points on 72.7% field goal shooting 3.0 rebounds and 1.3 assists in 15.9 minutes per game during the playoffs Kerr joked that he wasn't bringing up turnovers to his team because it has been its issue for the past eight years He doesn't have to tell his players anymore that they need to keep those down turnovers have been the Achilles' heel for the Warriors this postseason Golden State is averaging 14.8 turnovers per game in the playoffs (fifth worst of the 16 postseason teams) for 15.9 points but when you break down the Warriors' wins and losses so far In the Warriors' four losses in the playoffs they are averaging 16.3 turnovers for 20.8 points -- the third-most turnovers for the fifth-most points allowed in the postseason they cut that number to 14.2 turnovers for 14.3 points (top 10 in both categories) The Warriors know that with their style of play -- fast-paced with lots of ball movement -- turnovers are bound to happen The ones they are focused on cutting down are the ones that come off sloppy or lazy passes If the Warriors cut down on their turnovers it won't be because they gave the ball to their opponent BPI: 86%Caesars: +140Offensive rating: 113.6 (ninth)Defensive rating: 106.2 (first)How they got here: Boston made quick work of the Nets in a sweep Boston followed that up with seven-game thrillers in the conference semifinals and conference finals. After falling behind 3-2 in their series against the Milwaukee Bucks the Celtics answered with back-to-back double-digit victories to head into the conference finals with momentum Against the top-seeded Miami Heat, the Celtics fell behind 2-1, but surged back to take a 3-2 lead into Game 6. Miami defeated the Celtics behind an epic performance by Jimmy Butler to send it to a Game 7 on South Beach advancing to their 22nd NBA Finals in franchise history in search of their NBA-record 18th title The biggest key for the Celtics heading into the NBA Finals might be their three days off between Game 7 against the Heat and Game 1 of the Finals Boston has endured grueling back-to-back series against the Bucks and Heat after getting three days off following Game 2 against Milwaukee Marcus Smart has dealt with a quad injury and a sprained ankle in the playoffs. Robert Williams III missed time in April with right meniscus surgery and has experienced knee soreness thanks to a bone bruise suffered after a collision with Giannis Antetokounmpo in Game 3 vs Tatum has averaged over 41 minutes per game over the past two series. Brown and Al Horford are both over 38 per game All three logged at least 44 minutes in Game 7 against the Heat Golden State, meanwhile, hasn't had to play in a Game 7 this postseason and dispatched the Dallas Mavericks in five games The Warriors will end up with a week off between games once the Finals start Thursday night Biggest weakness: Are the lights too bright Boston's collective postseason inexperience revealed itself down the stretch in multiple games over the past two rounds After going 4-0 in games that included clutch time (defined by the NBA as a span in the final five minutes or overtime in which the lead is within five points) against the Brooklyn Nets Boston went 2-4 in such games against the Bucks and Heat in which a missed Jimmy Butler 3-pointer could have resulted in a historic collapse The Celtics have thrived this postseason when they are able to jump out to big leads and smother opponents with their league-leading defense This Celtics roster enters the Finals with zero games of Finals experience, while Golden State has 123. According to ESPN Stats & Information research, this is just the third Finals in NBA history in which one team has had 100-plus games of experience while the other team had zero, and the first time since 1997 (Bulls 134, Utah Jazz 0) inexperience didn't stop Boston from turning an under-.500 midseason record into a Finals berth becoming the first team to do it since the 1980-81 Rockets It didn't deter the Celtics from romping through the first round or battling back against the Bucks or winning a road Game 7 in the Eastern Conference finals who are very much looking like the Warriors they'll have to make sure their lack of Finals experience doesn't become a factor on the biggest stage Winslow Townson-USA TODAY SportsSeries key: How Golden State handles a switch-heavy defenseGolden State reached the NBA Finals without facing a team that likes to switch on defense None of the Warriors' three West opponents (Denver Memphis or Dallas) were in the top half of the league in frequency of switching on-ball screens during the regular season started switching more over the course of their series against the Warriors Golden State still ranks ninth among the 16 playoff teams in how often opponents have switched against them (31.5% of the time) during the playoffs No other team switched more frequently than the Celtics during the regular season and they rank second in frequency (44%) so far during the playoffs Golden State no longer has a singular isolation player like Kevin Durant to hunt mismatches against a switch-heavy defense the Warriors have also faced switches often enough in the postseason to have developed a robust menu of options against them starting with Curry's ability to move without the ball and Green's skill picking apart defensive mistakes Those traits were on full display during Golden State's closeout win over Dallas which switched 63% of the Warriors' on-ball screens in Game 5 per Second Spectrum -- the most of any Warriors playoff game That didn't prevent them from handing out 36 assists the second most in a game during these playoffs Golden State accomplished that against a team that rarely switched over the course of the regular season and playoffs the Warriors will face a well-drilled switching attack that does so from a position of strength rather than weakness How well they handle switches will go a long way toward determining the outcome of the Finals Plans for a hub to foster transportation-tech startups stalled out in 2020 because of the COVID-19 pandemic there’s a familiar face in the driver’s seat to jump-start that effort: former state transportation secretary Jamey Tesler He will be executive director of the Massachusetts Mobility Innovation Hub which is set to open early next year in Cambridge The Hub will provide space for startups as well as networking opportunities It’s being launched as a public benefit corporation — a business with a public mission not dividends — through initial in-kind and financial support from Zipcar The founders are now ramping up their fund-raising efforts After Tesler stepped down as secretary early this year to make way for Governor Maura Healey’s incoming administration he joined the Harvard Kennedy School as a part-time visiting fellow It was a change of pace for Tesler after more than a decade in state transportation roles and a couple of stints in the private sector He said he jumped at the opportunity to join the Hub after Partnership chief operating officer Rebecca Davis and Zipcar marketing and public policy chief Justin Holmes restarted the discussions that had been put on hold three years ago “What’s really motivating me in this point in my career is to help people with their great ideas,” Tesler said It’s fitting that a top administrator in Charlie Baker’s administration would conduct this train That’s because the idea emerged about five years ago out of a transportation task force that Baker convened and asked Steve Kadish The hope was to leverage Greater Boston’s startup community and its academic experts to tackle hard transportation challenges — such as our notorious traffic jams The Hub’s board will be chaired by CIC chief executive Tim Rowe and include Davis Google auto partnership executive Gretchen Effgen MIT Mobility Initiative executive director John Moavenzadeh Boston Consulting Group automotive expert Aakash Arora and SparkCharge chief executive Joshua Aviv Tesler said the Hub is particularly important now because of the billions in federal funds being unleashed for transportation and energy projects through the Inflation Reduction Act “We want more Zipcars that make it through [the scaling-up] process to stay here and grow here,” Tesler said referring to the Boston-based car-sharing service “It is challenging for people who are focused 24 hours a day on their startup idea to have a sense of the broader ecosystem Jack Shields says he skipped more days than he attended as a sixth grader in Brockton “That goes to show you anyone can make it,” he says now After graduating from Boston College High School he went on to play football at the University of Notre Dame Shields joined his family’s medical imaging business when it opened its first MRI center in 1986 He helped build Shields MRI into a major regional network (now known as Shields Health) before leaving just over a decade ago a network of hospital-based specialty pharmacists that was eventually bought by drugstore giant Walgreens Boots Alliance While Shields now leads Shields Health Innovations He gave $5 million to BC High in 2020 to create an entrepreneurship program he’s giving an undisclosed amount to help Brockton kids attend BC High and includes a range of support: mentorship The Shields Fellows Program will help four Brockton eighth graders go to BC High starting next fall but Shields plans to grow that number and eventually expand to other locations such as Roxbury and Dorchester Shields announced the program last week at the Boys & Girls Clubs of Metro South a nonprofit he helped to create more than 30 years ago He hopes to give kids a reason to not skip class while putting them on a track to success like the one he eventually found “I’m a big believer that those gritty city kids are going to outperform those Weston kids,” Shields added Kicking off an “Invest: Boston” panel on the future of commercial real estate last week hosted by Capital Analytics Associates at the UMass Club Hunneman executive Peter Evans promised “to try to keep it as bright and rosy as I possibly can.” Evans talked about the state of play: Downtown Boston’s vacancy rate has reached a record high while only about half of people who used to commute there are doing so on any given day He noted how the recent lab boom petered out amid an oversupply (He cited the still-vacant former John Hancock headquarters in the Seaport as one high profile office-lab conversion that has not worked out yet.) And office-residential conversions “The one thing that investors and developers alike are looking at right now is time and patience,” Evans said “It’s going to take some time [to recover] We don’t see on the horizon right now what the great life science or technology boom will be maybe some help can come from the robotics and clean-tech sectors “It’s probably the one shiny bright light we have in Mass regarding commercial real estate,” he added Greg Janey offered another bright light: higher ed pivoted early in the pandemic to focus more on college and university projects mitigating some of the commercial real estate market’s volatility had surprisingly good things to say about the besieged MBTA “I’m actually optimistic about the T,” Dineen said She praised Governor Maura Healey’s elevation of Monica Tibbits-Nutt to transportation secretary as well as the news that the T will eliminate all of its much-loathed “slow zones” by the end of next year (though not without more shutdowns first) She even applauded the news that $24.5 billion would be needed to get the T up to a “state of good repair.” “The good news is that the leadership is in place and now we need to ensure the leaders have the resources they need to really get the [MBTA] back on track,” Dineen said Big restaurant chains on Boston-based ezCater’s platform range from Subway to Qdoba to Olive Garden even though top Panera executives work nearby in West Newton “They are one of our most requested brands,” O’Hanlon said ezCater announced Panera had joined its platform in late September After getting knocked back early in the pandemic It’s not clear what prevented a previous Panera-ezCater matchup; O’Hanlon said the companies had been in talks for several years Maybe ezCater finally reached a scale that makes it hard for Panera “That was the right time for the two companies to say “It just takes a while for the win-win to be super obvious for both sides.” Jon Chesto can be reached at jon.chesto@globe.com. Follow him @jonchesto. Home Delivery Gift Subscriptions Log In Manage My Account Customer Service Delivery Issues Feedback News Tips Help & FAQs Staff List Advertise Newsletters View the ePaper Order Back Issues News in Education Search the Archives Privacy Policy Terms of Service Terms of Purchase Work at Boston Globe Media Internship Program Co-op Program Do Not Sell My Personal Information Microsoft: Windows 11 24H2 now ready to rollout to everyone Unofficial Signal app used by Trump officials investigates hack Darcula PhaaS steals 884,000 credit cards via phishing texts Luna Moth extortion hackers pose as IT help desks to breach US firms New "Bring Your Own Installer" EDR bypass used in ransomware attack Microsoft finds default Kubernetes Helm charts can expose data How to access the Dark Web using the Tor Browser How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11 How to backup and restore the Windows Registry Remove the Theonlinesearch.com Search Redirect Remove the Smartwebfinder.com Search Redirect How to remove the PBlock+ adware browser extension Remove the Toksearches.xyz Search Redirect Remove Security Tool and SecurityTool (Uninstall Guide) How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo How to remove Antivirus 2009 (Uninstall Instructions) How to remove Google Redirects or the TDSS CryptoLocker Ransomware Information Guide and FAQ CryptorBit and HowDecrypt Information Guide and FAQ CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ The team behind Electrum, a Bitcoin wallet app, has exposed a copycat product named Electrum Pro as a malicious app that steals users' seed keys Electrum developers made their accusations in a document published on GitHub yesterday The document contains a step-by-step guide to decompiling a rival product named Electrum Pro that popped up online two months ago in March The Electrum team has long suspected this is a scam product The reasons are that the newly launched wallet app used their brand name without permission but also registered the electrum.com domain similar to the real Electrum domain of electrum.org in an attempt to capitalize on the older app's reputation and trick users into using their product Now, Electrum devs seem to have confirmed their initial suspicions. On GitHub, the Electrum team points to a particular piece of code (lines 223-248 in electrumpro_keystore.py) where the Electrum Pro wallet appears to take the user's wallet seed key and upload it to the electrum.com domain Wallet seed keys are cryptographic keys that allow the owners of a wallet app to access the funds of multiple Bitcoin addresses stored in a particular wallet With the seed keys uploaded to electrum.com the owners of those domains have the ability to use these seed keys and empty Bitcoin accounts creating or restoring a wallet with Electrum Pro will send copies of the users' wallet seed keys to the electrum.com domain "We previously warned users against 'Electrum Pro' but we did not have formal evidence at that time," Electrum devs said Devs also said they've only analyzed Electrum Pro's "electrumpro-4.0.2.dmg" macOS binary and "ElectrumPro-4.0.2-Standalone.zip" Windows binary but warned that "is safe to assume that the other Windows binaries are malicious as well." Affected users should move funds from Bitcoin addresses they've managed via Electrum Pro there have not been any reports of stolen funds Based on an analysis of 14M malicious actions discover the top 10 MITRE ATT&CK techniques behind 93% of attacks and how to defend against them Ripple's recommended XRP library xrpl.js hacked to steal wallets North Korean hackers adopt ClickFix attacks to target crypto firms New Crocodilus malware steals Android users’ crypto wallet keys Microsoft: New RAT malware used for crypto theft, reconnaissance MassJacker malware uses 778,000 wallets to steal cryptocurrency Not a member yet? Register Now Microsoft ends Authenticator password autofill OpenAI document explains when to use each ChatGPT model Microsoft makes all new accounts passwordless by default Rethinking Automated Penetration Testing: Why Validation Changes Everything Learn why identity attacks were the #1 threat facing organizations in 2024 View your organization's attack surface & digital frauds - at no cost Register now for CTM360's Community Edition Terms of Use - Privacy Policy - Ethics Statement - Affiliate Disclosure Copyright @ 2003 - 2025 Bleeping Computer® LLC - All Rights Reserved Not a member yet? Register Now Read our posting guidelinese to learn what content is prohibited Yubico said today it plans to replace certain hardware security keys because of a firmware flaw that reduces the randomness of cryptographic keys generated by its devices Affected products include models part of the YubiKey FIPS Series a line of YubiKey authentication keys certified for use on US government networks (and others) according to the US government's Federal Information Processing Standards (FIPS) According to a Yubico security advisory published today YubiKey FIPS Series devices that run firmware version 4.4.2 and 4.4.4 contain a bug that keeps "some predictable content" inside the device's data buffer after the power-up operation This "predictable content" will influence the randomness of cryptographic keys generated on the device for a short period after the boot-up until the "predictable content" is all used up and true random data is present in the buffer This means that for a short period after booting up YubiKey FIPS Series devices with the affected 4.4.2 and 4.4.4 versions will generate keys that can be either recovered partially depending on the cryptographic algorithm the key is working with for a particular authentication operation - an RSA key may be impacted by up to 80 predictable bits out of a minimum of 2048 bits- for ECDSA signatures the nonce K becomes significantly biased with up to 80 of the 256 bits being static resulting in weakened signatures- for ECC key generation the key may be impacted by up to 80 predictable bits out of the minimum 256-bit key length- for ECC encryption,16 bits of the private key becomes known- for secp256r1 private keys the key may be impacted by 16 predictable bits reducing the number of unknown bits in the key from 256 to 240 bits- for secp384r1 private keys the number of unknown bits in the key is reduced from 384 to 368 bits Yubico is now advising owners of YubiKey FIPS Series to check their key's firmware version and sign up for a replacement on its portal -- if they haven't received one already Yubico said customers would receive new YubiKey FIPS Series keys with a corrected firmware version of 4.4.5 YubiKey FIPS Series firmware version 4.4.3 is not listed as affected because Yubico never released it In the technical advisory the company published today the company also listed some scenarios in which authentication procedures involving YubiKey FIPS Series are likely to be impacted FIDO U2F-based authentication procedures are confirmed as impacted while the use of YubiKey FIPS Series keys together with smart cards and OpenPGP may decrease the security of authentication procedures in some scenarios the danger of an attacker exploiting this vulnerability is low because of the complex requirements for intercepting the authentication operations and then breaking the rest of the cryptographic key it's better that users don't take any chances especially if these keys are used in highly sensitive networks Yubico is the second company in the past month that is offering a replacement after the discovery of a bug in its security keys. In May, Google issued a recall for some Titan security keys because of a vulnerability discovered in the key's Bluetooth pairing protocol ShareSaveMoney FintechNot Your Keys, Not Your Coins? Whatever.ByDavid G.W. Birch The coins would have belonged to a wealthy person who probably buried them for safekeeping shortly after William the Bastard’s illegal invasion of England in 1066 was the medieval equivalent of being your own bank if your head gets cut off during a genocidal campaign of regime change or the dog eats your USB stick then the cash will vanish from circulation out of the reach of your heirs until recovered by amateur archeologists or quantum computers Why would anyone want to be their own bank I have some cryptocurrency which is stored safely on a USB interface hard wallet protected by a long pass phrase I have it rolled up in tinfoil and buried it under a tree in my back garden The pass phrase and a description of the tree are transcribed onto a lead plate that is buried in my sister’s garden and the directions to recover it are in a sealed envelope held by my solicitor with strict instructions not to open it except in the event of my death When I want to spend some of my hard-speculated crypto-cash it takes me more than half an hour to dig up the USB stick transfer some electronic cash to the hard drive re-bury the USB stick (I also bury a decoy stick under another tree in case someone is watching) and then go online to move the electronic cash online and ready to spend Now I have to say this is not quite as convenient as my mobile banking app my Wise card or my Royal London pension fund web site My cryptofan friend suggested I keep a backup in a safety deposit box in a bank This of course made me wonder: Why not just keep the keys in the bank in the first place I am sure that this is what most people want to do forgetful and lazy to want to assume the responsibility for being my own bank And even if I was prepared to give it a go I am not a data security stronghold with layers of defences against hackers cyber attackers or disgruntled bag holders which is why I would be happy to pay them a reasonable fee for managing both the keys and the interface between the Wild West of crypto and the banking system itself chief executive officer of JPMorgan Chase & Co More recently quoted as saying that "Bitcoin is worthless" (Photo by Alex Wroblewski/Getty Images) regulated banks can offer new services and this will create “new business models and new business opportunities” I strongly suspect that there are a substantial fraction of all Americans who do not currently hold cryptocurrencies such as Bitcoin but who would hold cryptoassets such as NFTs stablecoins and such like if the custody service was offered by their bank It makes much more sense to keep my assets in the safekeeping of an institution that specialises in keeping assets safe insured and managed to ensure that whatever happens I as a normal customer (who does not spend every waking hour working on data security) am protected Dec 11, 2023 | News | 0 comments the ESG transformation specialist private equity investor and B Corp has signed a preliminary agreement to sell Velvet CARE Poland’s leading manufacturer of paper-based personal care products The transaction is subject to European clearance Velvet CARE manufactures paper hygiene products including tissues and is the owner of the highly regarded Velvet brand in Poland The company was established in 2013 but its origins date to 1897 including a period of 17 years under the ownership of International Paper and Kimberly Clark Abris, who you can meet at the Poland-CEE Private Equity Conference 2024 acquired a majority stake in Velvet CARE in 2018 from Avallon Velvet CARE has grown sales by 2.5 times and EBITDA by more than five times significantly exceeding the original investment case in terms of financial results and strategic development the company completed the add-on acquisition of Moracell the largest manufacturer of paper hygiene products in the Czech Republic Velvet CARE received B Corp certification – the most prestigious globally recognised ESG accreditation for businesses that demonstrate the highest standards of social and environmental performance The company also received a gold medal from Ecovadis an independent sustainability rating agency “We are delighted to have had such a successful partnership with Velvet CARE’s management team supporting the company’s expansion in Central Europe and beyond we have focused on transforming the business into a leading regional capitalising on the growing demand for personal care and hygiene products as well as expanding the company’s export business and integrating the highest ESG standards based on our ESG value creation methodology.” Shortly after Abris acquired the Velvet brand Velvet CARE completed a major capital expenditure programme adding to its facilities one of the most modern tissue paper machines in Central Europe which substantially increased its production capacity Abris partnered with the company’s management to drive organic growth while seeking to acquire other attractive tissue businesses in the region which brought to the group a modern conversion machinery park infrastructure and an established team in the Czech and Slovakian markets Velvet CARE subsequently invested in another new tissue paper machine to further expand its production capacities and reinforce its position as Central Europe’s market leader Get the week’s top news delivered directly to your inbox – Sign up for our newsletter Velvet CARE has more than 850 employees based at its manufacturing facilities in Klucze and Zabcice comments:“Our close working relationship with Abris over the past five years has allowed us to significantly strengthen our market position During this time Velvet CARE has grown stronger The management team and I can’t wait to begin working with Partners Group and continuing our mission of building a European leader in this sector This is yet another era of new possibilities for us and we plan to accelerate our growth actively participating in the further consolidation of the paper market and seeking opportunities to expand Private Equity Goods & Products Industry Vertical added:“Velvet CARE’s extensive offering of staple products give the Company resilience and cash flow stability during macroeconomic slowdowns with rising incomes driving demand for both premium and value products Our value creation plan will focus on strengthening the Company’s existing position while continuing to expand into other major European markets.” Hong Kong to relax rules under New CIES in 2025 to attract high-net-worth investors The Hong Kong.. Hong Kong relaunches Capital Investment Entrant Scheme to attract global capital and family.. Mérieux Equity Partners targets EU healthtech with €150m fund Subscribe to our Newsletter to increase your edge through our newsletter you’ll receive weekly access to what is happening By signing up for our newsletter, you accept our terms and conditions as outlined under pe-insights.com/privacy-policy Keybase is notifying Android users of a bug in its mobile app that might have unintentionally included the users' private key —used to encrypt conversations and other private data— into the automatic backups created by the Android OS and uploaded on Google's servers which is a company that provides a wide range of identity proofing and encrypted communication tools says it fixed the bug and has sent notification emails to users it believes are affected by this issue The emails contain instructions on how users could force their device to generate a new private encryption key Keybase uses this private key as part of a private-public key pair system to verify a user's identity and encrypt conversations sent through the Keybase chat system from that device According to an email seen by Bleeping Computer the issue appears to affect only "early adopters" of the Keybase Android app Keybase estimates that around 10% of Keybase Android app users are affected by this bug the company boasts to service over 205,000 users; albeit is unclear how many of these also use its Android app Keybase said that users who back up their Android device through Google Play and users who reused passwords from other accounts or used a weak passphrase are affected this isn't a serious issue unless users are really bad at choosing passwords An attacker would first need access to a user's Google account (to extract the Android backup files) and then the Keybase passphrase (to decrypt the private key) we've seen many cases of bad password practices in the past to rule out possible attacks on Keybase accounts Keybase works by allowing users to register a Keybase account and use it as a central hub to verify profiles on other online sites and verify devices the user owns An attacker may obtain a user's Keybase account password (passphrase) but he won't be able to impersonate that user in Keybase-encrypted chats and private PGP-protected messages unless he sends those messages from verified devices The bug Keybase just fixed allows an attacker to obtain the private key and impersonate the user's Android smartphone This is why it is important that users secure devices even if there's a little possibility they were affected Keybase has included the following instructions in the email to possibly affected users Users who received the email should update their Keybase app and go through the following steps to create new private keys as the private key contained within won't work anymore We recommend you revoke and reprovision your Android phone If you've got Keybase installed on another computer or have a paper key This doesn't affect PGP keys or anything outside of Android Despite this issue, users shouldn't be deterred from using Keybase, which is currently the only service that provides support for end-to-end encrypting Git operations, Reddit and Twitter private messages discover the top 10 MITRE ATT&CK techniques behind 93% of attacks and how to defend against them Google adds Android auto-reboot to block forensic data extractions Google fixes Android zero-days exploited in attacks, 60 other flaws Google fixes Android zero-day exploited by Serbian authorities BadBox malware disrupted on 500K infected Android devices Google NotebookLM is now using Gemini 2.5 Flash Not a member yet? Register Now the FBI has released the master decryption keys for the Gandcrab Ransomware versions 4 any individual or organization can create and release their very own GandCrab decryptor On June 1st, 2019, the developers behind the wildly successful GandCrab Ransomware announced that they were closing shop after allegedly amassing $2 billion in ransom payments and personally earning $150 million Two weeks later, in collaboration with Europol, the FBI, numerous law enforcement agencies, and NoMoreRansom, Bitdefender released a decryptor for files encrypted by GandCrab versions 1 While it was not stated how Bitdefender gained access to these keys it is widely thought that they were able to gain access to the ransomware's command and control servers in order to download the keys In a "FBI Flash Alert" shared with BleepingComputer, three master decryption keys for the GandCrab Ransomware were released to members of the FBI's InfraGard program Bulletins released by the FBI through InfraGard are categorized using the Traffic Light Protocol, which dictates how the information can be shared. This alert titled "Master Decryption Keys for GandCrab, versions 4 through 5.2" was released as a TLP:White bulletin which means that the information can be disclosed without restriction the bulletin explains how the GandCrab RaaS operated and related statistics in partnership with law enforcement agencies from 8 European countries released a decryption tool applicable to all versions of GandCrab ransomware The decryption tool can be found at www.nomoreransom.org The collaborative efforts further identified the master decryption keys for all new versions of GandCrab introduced since July 2018 The FBI is releasing the master keys in order to facilitate the development of additional decryption tools GandCrab operates using a ransomware-as-a-service (RaaS) business model selling the right to distribute the malware to affiliates in exchange for 40% of the ransoms GandCrab was first observed in January 2018 infecting South Korean companies but GandCrab campaigns quickly expanded globally to include US victims in early 2018 impacting at least 8 critical infrastructure sectors GandCrab rapidly rose to become the most prominent affiliate-based ransomware and was estimated to hold 50% of the ransomware market share by mid-2018 Experts estimate GandCrab infected over 500,000 victims worldwide causing losses in excess of $300 million." Below are the master decryption keys for GandCrab versions 4 To use them properly, you would need to familiarize yourself with the encryption methods used by the various versions of GandCrab. A good introduction to the encryption algorithm used in version 4 can be found in this article by Fortinet FBI: Ransomware gangs hack casinos via 3rd party gaming vendors FBI warnings are true—fake file converters do push malware CISA: Medusa ransomware hit over 300 critical infrastructure orgs New "Bring Your Own Installer" EDR bypass used in ransomware attack UK shares security tips after major retail cyberattacks One master key decrypts different AES256 key for each encrypted file I have Gandgrab 5.2 files with the key - WUPUZNIUC as the file extension What program will open them so I may use the above-listed GandCrab v5.2 key Read our posting guidelinese to learn what content is prohibited.