NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. The encryption in our products is handled by a chip inside the actual hardware itself.

GCHQ implements World War II cipher machines in encryption app CyberChef

Security Affairs

UK intelligence agency GCHQ released emulators for World War II cipher machines (Enigma, Typex and The Bombe) that can be executed in the encryption app CyberChef. The post GCHQ implements World War II cipher machines in encryption app CyberChef appeared first on Security Affairs.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Calculating the Benefits of the Advanced Encryption Standard

Schneier on Security

NIST has completed a study -- it was published last year, but I just saw it recently -- calculating the costs and benefits of the Advanced Encryption Standard.

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Krebs on Security

The attacker also obtained free encryption certificates for escrow.com from Let’s Encrypt. We have taken steps across our technology, processes and employee education, to help prevent these types of attacks in the future.”

Apple Battling with the Government Again Over Breaking iPhone Encryption of Mass Shooters: Data Privacy Trends

eDiscovery Daily

Remember back in 2016 when Apple with in a court battle with the Department of Justice over giving investigators access to encrypted data on the iPhone used by one of the San Bernardino shooters? We feel strongly encryption is vital to protecting our country and our users’ data.”.

Facebook Will Shift to Emphasize Encrypted Ephemeral Messages, Zuckerberg Says: eDiscovery Trends

eDiscovery Daily

In a post to Facebook last week, founder Mark Zuckerberg outlined a vision of the future that includes end-to-end encryption and an ephemeral lifespan for private messages and photos.

Free & Discounted Security Services Now Available for US Election Orgs

Dark Reading

Nonprofit Defending Digital Campaigns (DDC) offers security services for email, user education, mobile, and encrypted communications, to federal election committees

Personal data breaches in schools, to report or not to report?

IT Governance

Where data has been encrypted, such as on a laptop, mobile device, memory stick or email, the breach does not need to be reported, however sensitive the data is. BreachReady Education EU GDPR Data breaches education GDPR schools

How situational analysis helps your school become #BreachReady

IT Governance

Introduce device encryption. Encrypting devices such as laptops, tablets, mobile phones and memory sticks protects the data they hold if they are lost or stolen. Education #BreachReady education GDPR

How to Keep Your Information Safe for Data Privacy Day 2020

Thales eSecurity

An extension of the celebration for Data Protection Day in Europe, Data Privacy Day functions as the signature event of the National Cyber Security Centre’s ongoing education and awareness efforts surrounding online privacy. Encryption.

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. They added data theft to the classic encryption scenario.

REvil Ransomware Gang Starts Auctioning Victim Data

Krebs on Security

” The FBI and multiple security firms have advised victims not to pay any ransom demands, as doing so just encourages the attackers and in any case may not result in actually regaining access to encrypted files.

Multi-platform Tycoon Ransomware employed in targeted attacks

Security Affairs

The Tycoon ransomware was used in highly targeted attacks, its operators recently targeted small to medium-sized companies and institutions in the education and software industries. A separate encryption thread will be created for each item in the path list.”continues

Payroll Provider Gives Extortionists a Payday

Krebs on Security

19, Apex was alerted that its systems had been infected with a destructive strain of ransomware that encrypts computer files and demands payment for a digital key needed to unscramble the data. “When they encrypt the data, that happens really fast,” he said.

Halloween: The curse of data

Thales eSecurity

How to survive – Rather than walking down that dark alley assuming they’ll be fine, businesses need to educate themselves on the threats out there and start taking a security first approach. We’ve all watched a horror film and said “why are you doing that?!”

The state of European cybersecurity and lessons to learn

Thales eSecurity

Encryption, encryption, encryption. Only 27% of European organisations encrypt their data, leaving the door wide open to the likes of cyber-criminals and hacktivists.

UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack

Security Affairs

million to cybercriminals to recover data encrypted during a ransomware attack that took place on June 1. Threat actors accessed part of academic work and encrypted it, but due to the importance of the documents, the university decided to pay a portion of the ransom, approximately $1.14

iNSYNQ Ransom Attack Began With Phishing Email

Krebs on Security

Because of the quick reaction we had, we were able to contain the encryption part” to roughly 50 percent of customer systems, he said. “For these infections hackers take sometimes days, weeks, or even months to encrypt your data.”

Spotlight Podcast: Public Sector levels up to tackle Cyber Threats

The Security Ledger

» Related Stories Episode 179: CISO Eye on the Virus Guy – Assessing COVID’s Cyber Risks Episode 178: Killing Encryption Softly with the EARN IT Act. Sean McHenry is CISO of the Utah State Board of Education.

FTC Enters into Memorandum of Understanding with Dutch Data Protection Authority

Hunton Privacy

The Memorandum also discusses protective measures for transmitting information related to a request for assistance on a privacy-related matter, such as encryption or maintaining materials in secured, restricted locations. Federal Law Consumer Protection Cross-Border Data Flow Data Protection Authority Edith Ramirez Encryption Federal Trade Commission Information Commissioners Office Ireland Jacob Kohnstamm Netherlands United Kingdom

BEST PRACTICES: Mock attacks help local agencies, schools prepare for targeted cyber scams

The Last Watchdog

Last September, a ransomware purveyor succeeded in encrypting access to the computer systems of 22 small South Texas towns, demanding ransoms for a decryption key. I asked Bastable what he expects, going forward, for local governments and the education sector.

SHARED INTEL: How digital certificates could supply secure identities for enterprise blockchains

The Last Watchdog

Early adopters are trial-running Hyperledger blockchains in trade financing, in education and training programs and in supply chains for certain vertical industries. Blockchain gave rise to Bitcoin.

Meal delivery service Home Chef discloses data breach

Security Affairs

million $1,200 Minted 5 million $2,500 Styleshare 6 million $2,700 Ggumim 2 million $1,300 Mindful 2 million $1,300 StarTribune 1 million $1,100 ChatBooks 15 million $3,500 The Chronicle Of Higher Education 3 million $1,500 Zoosk 30 million $500.

New Bedford city infected with Ryuk ransomware, but did not pay $5.3M ransom

Security Affairs

RYUK encrypts, or renders inaccessible, the data stored on computer servers and workstations. In order to potentially unlock the encrypted data, the operator must then make a payment to acquire a decryption key from the attacker to access its data.

New ‘PyXie’ Python RAT targets multiple industries

Security Affairs

“Analysts have observed evidence of the threat actors attempting to deliver ransomware to the healthcare and education industries with PyXie.” The threat actors behind PyXie were observed attempting to deliver ransomware to the healthcare and education industries with this new RAT.

Shade Ransomware gang shut down operations and releases 750K decryption keys

Security Affairs

Unlike other ransomware strains that don’t encrypt victims in Russia and other CIS countries, Shade also targets computers in Russia and Ukraine. Moth of the victims belongs to high-tech, wholesale and education sectors.

MY TAKE: Technologists, privacy advocates point to flaws in the Apple-Google COVID-19 tracing app

The Last Watchdog

The core idea is pretty simple,” says Ambuj Kumar, CEO of Fortanix , a supplier of advanced encryption systems. Unless the population is properly educated about this solution and the app is executed properly, the general population may be hesitant to opt in,” Gruenberg says. If the devastating health and economic ramifications weren’t enough, individual privacy is also in the throes of being profoundly and permanently disrupted by the coronavirus pandemic.

Decrypting HiddenTear Ransomware for free with HT Brute Forcer

Security Affairs

In 2015, the Turkish security researchers Utku Sen published the HiddenTear ransomware, the first open source ransomware, for educational purposes. Click on the Browse Sample button and choose an encrypted PNG file.

Security Affairs newsletter Round 253

Security Affairs

Google sued by New Mexico attorney general for collecting student data through its Education Platform. Kr00k Wi-Fi Encryption flaw affects more than a billion devices. A new round of the weekly newsletter arrived! The best news of the week with Security Affairs.

Boosting Your Data Protection Strategy in 2019

Archive Document Data Storage

Use Encryption Software. You can protect your data from hackers by encrypting your data. Encryption software scrambles your emails and files, so only authorised end users with the encryption key can unlock and read them. Several software providers offer high-security encryption software. Schedule ongoing training sessions to educate your staff about evolving risks and data breach prevention strategies. 2018 was a banner year for data breaches in the UK.

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

Included in the breaches were Italy’s National Research Center , The Institute for Education Technologies , the ILIESI Institute for the European Intellectual Lexicon , National Mining Office for Hydrocarbons and Geo-resources , Ministry of Economic Development , State Police Association , Fratelli D’Italia , Lega Nord Trentino , Partito Democratico Siena , TV Trentino , Technapoli Equitalia , State Archives S.I.A.S. National Association of Professional Educators.

DePriMon downloader uses a never seen installation technique

Security Affairs

The group is very sophisticated and used zero-day exploits and complex malware to conduct targeted attacks against governments and organizations in almost every industry, including financial, energy, telecommunications, and education, aerospace.

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Security Affairs

lt/wras/savekey.php containing its hostname and the main decryption key for the host, which is, in itself, AES encrypted:” Palo Alto Networks researchers determine that ransomware strain was EDA2 based , open-source ransomware that was initially created for educational purposes.

CyberSecurity Hall of Fame

Adam Shostack

Hoffman, Distinguished Research Professor of Computer Science, The George Washington University; Horst Feistel, Cryptographer and Inventor of the United States Data Encryption Standard (DES); Paul Karger, High Assurance Architect, Prolific Writer and Creative Inventor; Butler Lampson, Adjunct Professor at MIT, Turing Award and Draper Prize winner; Leonard J. Congratulations to the 2016 winners ! Dan Geer, Chief Information Security Officer at In-Q-Tel; Lance J.

Mozilla Releases Annual Privacy Guide to Holiday Shopping

Adam Levin

It released the guide to educate consumers about privacy and tech, by providing a list of connected devices ranked by privacy and security. The Mozilla Foundation has released the second installation of *Privacy Not included, the organization’s annual privacy guide to internet-connected gifts.

Three Strategies for Big Data Security

Thales eSecurity

Encryption and access controls for underlying platforms (35% global and U.S.). Thales eSecurity’s Vormetric Transparent Encryption for data at rest is ideal for this approach, and with it, we would expect no noticeable degradation in system response.

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs

It is unclear if the attackers have exfiltrated data from the systems before encrypting them. The attacker focused on encrypting data files in the Windows domain.

French DPA Releases New Guidance on Personal Data Security

Hunton Privacy

Educating users on data security risks. Encryption. European Union Information Security International Anonymization CNIL Data Controller Data Processor Encryption France Privacy By DesignOn October 7, 2010, the French Data Protection Authority (the “CNIL”) released its first comprehensive handbook on the security of personal data (the “Guidance”).

Finding the Best Business Cloud Storage with Advanced Security Features – Plus 3 Bonus Security Tips

OneHub

Data Encryption. Encrypting your data makes it essentially useless to hackers. Even if they’re able to access customer credit card information, confidential project documents, or employee social security numbers, they won’t be able to make sense of any of it, if it’s encrypted.

Cybersecurity Awareness Month Blog Series: Using Technology to Safeguard the Nation’s Critical Infrastructure

Thales eSecurity

In this blog post, I’ll discuss: Our current perimeter defense; The need to shift to a data-centric security approach; and, The need to educate the public to strengthen our critical infrastructure security posture. Education.