Encryption Under ‘Full-Frontal Nuclear Assault’ By U.S. Bills

Threatpost

government and tech companies continue to butt heads over the idea of encryption and what that means for law enforcement. Government Newsmaker Interviews Videos apple backdoor EARN IT Encryption FBI government Lawful Access to Encrypted Data ActThe U.S.

New Bill Targeting ‘Warrant-Proof’ Encryption Draws Ire

Threatpost

The Lawful Access to Encrypted Data Act is being decried as "an awful idea" by security experts. Government Privacy apple Data Privacy Encryption End to end encryption Facebook FBI Lawful Access to Encrypted Data Act Security

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

DoJ Blasts Apple on Lack of Encryption Backdoor - Again

Data Breach Today

Law Enforcement Leaders Say Encryption Delayed Terrorist Investigation; Apple Pushes Back Although FBI technicians were able to gain access to data in two iPhones belonging to a Saudi national who killed three U.S.

The Encryption 'Backdoor' Debate Continues

Data Breach Today

The latest edition of the ISMG Security Report offers a deep dive on the debate about whether law enforcement officials should have a "backdoor" to circumvent encryption.

Data Leakage from Encrypted Databases

Schneier on Security

Matthew Green has a super-interesting blog post about information leakage from encrypted databases. academicpapers databases encryptionIt describes the recent work by Paul Grubbs, Marie-Sarah Lacharité, Brice Minaud, and Kenneth G. Paterson.

Google Releases Basic Homomorphic Encryption Tool

Schneier on Security

From a Wired article : Private Join and Compute uses a 1970s methodology known as "commutative encryption" to allow data in the data sets to be encrypted with multiple keys, without it mattering which order the keys are used in. cryptography encryption google

MongoDB Offers Field Level Encryption

Schneier on Security

MongoDB now has the ability to encrypt data by field : MongoDB calls the new feature Field Level Encryption. It works kind of like end-to-end encrypted messaging, which scrambles data as it moves across the internet, revealing it only to the sender and the recipient.

Breach Report: Sometimes, Encryption Is Still Overlooked

Data Breach Today

Stolen Laptop Contained Patient Data on Thousands Just when you thought the days of big data breaches tied to stolen unencrypted laptops were over comes news of an incident in Oregon affecting hundreds of thousands.

IBM releases open-source toolkits implementing FHE to process data while encrypted

Security Affairs

IBM has released open-source toolkits implementing fully homomorphic encryption (FHE) that allow researchers to process data while it’s still encrypted. This has revolutionized security and data privacy and how we outsource computation to untrusted clouds,” states IBM.

Security of Solid-State-Drive Encryption

Schneier on Security

Interesting research: " Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs) ": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware.

Is All Encryption Equal?

Thales eSecurity

Data encryption has been around almost since the age of computers. In truth, anyone with minimal experience can write a simple script that uses default services built into virtually every OS to encrypt data. Who are you trying to protect your data from?

G7 Comes Out in Favor of Encryption Backdoors

Schneier on Security

Some G7 countries highlight the importance of not prohibiting, limiting, or weakening encryption; There is a weird belief amongst policy makers that hacking an encryption system's key management system is fundamentally different than hacking the system's encryption algorithm.

Attorney General William Barr on Encryption Policy

Schneier on Security

Yesterday, Attorney General William Barr gave a major speech on encryption policy -- what is commonly known as "going dark." Nor are we necessarily talking about the customized encryption used by large business enterprises to protect their operations.

Major Brazilian Bank Tests Homomorphic Encryption on Financial Data

Dark Reading

The approach allowed researchers to use machine learning on encrypted data without first decrypting it

Apple Abandoned Plans for Encrypted iCloud Backup after FBI Complained

Schneier on Security

This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee.

Ray Ozzie's Encryption Backdoor

Schneier on Security

Last month, Wired published a long article about Ray Ozzie and his supposed new scheme for adding a backdoor in encrypted devices. The public key goes into the processor and the device, and is used to encrypt whatever user key encrypts the data.

GDPR Compliance – Encryption

Perficient Data & Analytics

On 25th May 2018, everybody woke up to find their inbox “spammed” with mails from companies about redefining their data privacy policies containing the term GDPR. GDPR which stands for General Data Protection Regulation, has replaced the existing Data Protection Directive rules.

News Wrap: Fake Minneapolis Police Breach, Zoom End-To-End Encryption Debate

Threatpost

Threatpost editors discuss debunked reports of a Minneapolis police department breach and Zoom announcing only paying users would get end-to-end encryption. Podcasts Privacy data breach Encryption End to end encryption Minneapolis police hack Troy Hunt zoom

Enterprise Data Encryption Hits All-time High

Dark Reading

A new report by the Ponemon Institute shows 45% of organizations have a comprehensive encryption policy in place

Attorney General Barr and Encryption

Schneier on Security

Last month, Attorney General William Barr gave a major speech on encryption policy­what is commonly known as "going dark." Nor are we necessarily talking about the customized encryption used by large business enterprises to protect their operations.

Crypto-Primer: Encryption Basics Every Security Pro Should Know

Dark Reading

With so many choices for encrypting data and communication, it's important to know the pros and cons of different techniques

IEEE Statement on Strong Encryption vs. Backdoors

Schneier on Security

The IEEE came out in favor of strong encryption: IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and communications. backdoors encryption keyescrow nationalsecuritypolicy vulnerabilities

Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain

Security Affairs

The encryption system implemented by popular solid-state drives (SSDs) is affected by critical vulnerabilities that could be exploited by a local attacker to decrypt data. Once reprogrammed, the SSD will use its stored keys to cipher and decipher stored data.

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

The Last Watchdog

Related: Marriott reports huge data breach Ever thought about encrypting the data held on a portable storage device? I had the chance at RSA 2019 to visit with Shauna Park, channel manager at DataLocker, to discuss what’s new in the encrypted portable drive space.

MY TAKE: Why new tools, tactics are needed to mitigate risks introduced by widespread encryption

The Last Watchdog

It was just a few short years ago that the tech sector, led by Google, Mozilla and Microsoft, commenced a big push to increase the use of HTTPS – and its underlying TLS authentication and encryption protocol. So cyber criminals, too, have begun regularly using TLS to encrypt their attacks.

NEW TECH: Breakthrough ‘homomorphic-like’ encryption protects data in-use, without penalties

The Last Watchdog

Homomorphic encryption has long been something of a Holy Grail in cryptography. Related: Post-quantum cryptography on the horizon For decades, some of our smartest mathematicians and computer scientists have struggled to derive a third way to keep data encrypted — not just the two classical ways, at rest and in transit. Having written a few stories on homomorphic encryption, I was eager to meet with Fortanix co-founder and CEO Ambuj Kumar at Black Hat 2019.

Apple Mail stores parts of encrypted emails in plaintext DB

Security Affairs

The Apple Mail app available on macOS stores leave s a portion of users encrypted emails in plaintext in a database called snippets. Data collected by the process are stored in the snippets. SecurityAffairs – encryption, hacking).

How Encryption Became the Board’s New Best Friend

Thales eSecurity

For many years, encryption has been viewed as a burden on businesses – expensive, complex and of questionable value. The 2019 Thales Data Threat Report-Global Edition revealed that as digital transformations are taking place, sensitive data is often at risk. Enter encryption.

Does Encryption Really Protect My Cloud Data?

Thales eSecurity

There has always been a battle between business efficiency and security since the invention of shared compute and data resources. It is obvious that most enterprises large and small have made the decision to move some — if not all — of their applications and data to the cloud.

‘Significant’ FBI Error Reignites Data Encryption Debate

WIRED Threat Level

FBI stats about inaccessible cellphones were inflated, undermining already controversial bureau claims about the threat of encryption. Security

Database Encryption Key Management

Thales eSecurity

Large data scale breaches have led an increasing number of companies to embrace comprehensive encryption strategies to protect their assets. Solutions for Transparent Database Encryption. Data securityStreamlining operations and improving security.

The Various Aspects of Db2 for z/OS Data Encryption

Robert's Db2

Just last week, a person on the Db2 for z/OS team at an organization asked me for some guidance regarding data encryption in a Db2 context. on disk) Application-transparent encryption of Db2 for z/OS data in memory (i.e.,

Ragnar Ransomware encrypts files from virtual machines to evade detection

Security Affairs

Ransomware encrypts from virtual machines to evade antivirus. Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Mounting all the shared drives to encrypt.

NEW TECH: Can MPC — Multi Party Computation — disrupt encryption, boost cloud commerce?

The Last Watchdog

Encryption is a cornerstone of digital commerce. Related: A ‘homomorphic-like’ encryption solution We know very well how to encrypt data in transit. And we’ve mastered how to encrypt — and decrypt — data at rest. However, we’ve yet to arrive at a seminal means to crunch encrypted data – without first having to decrypt it. PKI is the authentication and encryption framework on which the Internet is built.

Attorney General Barr Argues for Access to Encrypted Content

Data Breach Today

Attorney General William Barr argued on Tuesday that enabling law enforcement to access encrypted content would only minimally increase data security risks. Critics Argue That Backdoors Would Create Security Risks U.S. Barr's comments drew criticism from lawmakers and technologists, who contend backdoors would put the public at greater risk

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. The encryption in our products is handled by a chip inside the actual hardware itself.

Adiantum will bring encryption on Android devices without cryptographic acceleration

Security Affairs

Google announced Adiantum, a new encryption method devised to protect Android devices without cryptographic acceleration. Google announced Adiantum , a new encryption method devised to protect Android devices without cryptographic acceleration. SecurityAffairs – Android, encryption).

Guest Blog: End-to-End Data Encryption with Data Reduction from Thales & Pure Storage

Thales eSecurity

At the 2019 RSA Conference, Pure Storage and Thales introduced Vormetric Transparent Encryption for Efficient Storage – the IT and security industries’ first end-to-end data encryption framework that realizes storage array data reduction. Data reduction of 4.8

How Does Encryption Work?

Productivity Bytes

The word “encryption” is synonymous with data protection, and most people are aware of its functionality in their day-to-day lives within a digital context. While these are all uses for encryption, they don’t answer the … + Read More.

STOP ransomware encrypts files and steals victim’s data

Security Affairs

AZORult is a data stealer that was first spotted in 2016 by Proofpoint that discovered it was it was part of a secondary infection via the Chthonic banking trojan. The post STOP ransomware encrypts files and steals victim’s data appeared first on Security Affairs.