Scoop has an Ethical Paywall
Kiwi Hacker Unlocks Microsoft's BitLocker
New Zealand security expert Denis Andzakovic has
released a tool that steals the encryption keys for drives
encrypted with Microsoft's BitLocker encryption.
Users who use BitLocker with the default settings, and do not use pre-boot authentication are vulnerable to this attack.
Andzakovic, a Principal Security Consultant at New Zealand infosec firm Pulse Security says, "An attacker can perform this attack with a $40 tool purchased from DigiKey and physical access to the device".
The issue was reported by Andzakovic to Microsoft's Security Response Centre (MSRC). MSRC is quoted with saying "BitLocker documents that this attack is not in scope for the default configuration. BitLocker recommends that if customers care about this level of attack, that they use Pre-boot authentication."
"Most users tend to stick with default configurations, which this attack applies to." says Andzakovic
Users concerned about this attack are advised to enable pre-boot authentication, such as a PIN code, USB key or smart card.
Transport and Infrastructure Committee: Inquiry Into Ports And The Maritime Sector Opened
Netsafe: Netsafe And Chorus Power Up Online Safety For Older Adults
RBNZ: 10 Cent Coin With King Charles III Image Now In Production
NZALPA: Safety Improves From AKL Incident Learnings
NIWA: Antarctic Footprint Clean-up Challenges - How A Remote Antarctic Base Clean-up Protected One Of Earth’s Clearest Lakes
Hugh Grant: Can A Meme Coin Become A Real Payment Solution?
