Expert insights. Personalized for you.
Agency Describes How DoH Can Help Prevent Eavesdropping The NSA has released guidance on how organizations can adopt encrypted domain name system protocols to prevent eavesdropping and manipulation of DNS traffic. MORE
Researchers Describe Sophisticated Phishing Campaign A new phishing campaign distributes ZLoader malware using advanced delivery techniques that demonstrate sophisticated understanding of Microsoft Office document formats and techniques, the security firm Forcepoint X-Labs reports MORE
Mike Stay broke an old zipfile encryption algorithm to recover $300,000 in bitcoin. bitcoin cryptanalysis cryptocurrency cryptography encryptionDefCon talk here. MORE
84 
MongoDB now has the ability to encrypt data by field : MongoDB calls the new feature Field Level Encryption. It works kind of like end-to-end encrypted messaging, which scrambles data as it moves across the internet, revealing it only to the sender and the recipient. authentication cryptography encryption hacking keys MORE
The Lawful Access to Encrypted Data Act is being decried as "an awful idea" by security experts. Government Privacy apple Data Privacy Encryption End to end encryption Facebook FBI Lawful Access to Encrypted Data Act Security MORE
Technology Giant Didn't Want to 'Poke the Bear,' Sources Tell Reuters Apple previously scuttled plans add end-to-end encryption to iCloud backups, Reuters reports, noting that such a move would have complicated law enforcement investigations. MORE
Teleconference Company Describes Series of Security Measures Zoom will begin beta testing an end-to-end encryption feature in July that it plans to make available at no charge to all who use the paid or free version of its teleconference platform. MORE
government and tech companies continue to butt heads over the idea of encryption and what that means for law enforcement. Government Newsmaker Interviews Videos apple backdoor EARN IT Encryption FBI government Lawful Access to Encrypted Data ActThe U.S. MORE
After backlash over false marketing around its encryption policies, Zoom will finally roll out end-to-end encryption next week. Cloud Security Vulnerabilities Web Security coronavirus COVID-19 E2EE Encryption End to end encryption Pandemic remote work Security transport layer security encryption video conferencing security zoom zoom meeting Zoom-bombing MORE
The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. Plus, D-Link's proposed settlement with the FTC and a CISO's update on medical device security MORE
Interesting research: " Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs) ": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. This challenges the view that hardware encryption is preferable over software encryption. MORE
Together, the vendor giants aim to make "in use" encryption -- also known as "fully homomorphic encryption" -- economical and practical MORE
72 
The BBC is reporting a vulnerability in the Let's Encrypt certificate service: In a notification email to its clients, the organisation said: "We recently discovered a bug in the Let's Encrypt certificate authority code. I am seeing nothing on the Let's Encrypt website. MORE
The latest edition of the ISMG Security Report offers a deep dive on the debate about whether law enforcement officials should have a "backdoor" to circumvent encryption. Also featured: An analysis of Equifax's settlement with the FTC and a discussion of a new report on the cost of data breaches MORE
From a Wired article : Private Join and Compute uses a 1970s methodology known as "commutative encryption" to allow data in the data sets to be encrypted with multiple keys, without it mattering which order the keys are used in. This is helpful for multiparty computation, where you need to apply and later peel away multiple layers of encryption without affecting the computations performed on the encrypted data. cryptography encryption google MORE
Intel's addition of memory encryption to its upcoming 3rd generation Xeon Scalable processors matches AMD's Secure Memory Encryption (SME) feature. MORE
Web Conferencing Provider Blames Routing of Keys via China on Scaling-Up Error Zoom, responding to research that identified encryption and infrastructure shortcomings in its audio and video conferencing software, has promised to further revamp its security controls. MORE
Mass Revocation Will Bring Too Much Concern, Project Says Let's Encrypt is going to take a softer approach to resolving the impacts from a bug in its systems that issues free TLS certificates. MORE
National Security Agency has released guidance on how the Defense Department, other federal agencies and the contractors that support them should replace obsolete encryption protocols that can enable cyber intrusions. Agency Recommends Replacement of Old TLS and SSL Protocols The U.S. MORE
The video-conferencing specialist has yet to roll out full encryption, but it says it's working on it. Government Mobile Security Privacy Web Security Consumer Protection Procedures Act damages End to end encryption false advertising Lawsuit legal challenges sued Washington D.C. MORE
Analysis of Common Mistakes Made When Encrypting Data The Marriott mega-breach is calling attention to whether organizations are storing too much data and whether they're adequately protecting it with the proper encryption steps. Experts offer insights on making the right moves MORE
Stolen Laptop Contained Patient Data on Thousands Just when you thought the days of big data breaches tied to stolen unencrypted laptops were over comes news of an incident in Oregon affecting hundreds of thousands. What happened this time MORE
The ability to perform complex calculations on encrypted data promises a new level of privacy and data security for companies in the public and private sectors. MORE
Encryption remains a mainstay of IT security technology, a critical tool for protecting sensitive data. We evaluate the top encryption solutions MORE
As the Signal protocol becomes the industry standard, it's worth understanding what sets it apart from other forms of end-to-end encrypted messaging. MORE
US, UK and Australia Push for Law Enforcement Access Facebook is falling under renewed pressure for its plans to make its messaging platforms fully encrypted. The U.S., and Australia are asking Facebook to ensure law enforcement can access messages MORE
Matthew Green has a super-interesting blog post about information leakage from encrypted databases. academicpapers databases encryptionIt describes the recent work by Paul Grubbs, Marie-Sarah Lacharité, Brice Minaud, and Kenneth G. Paterson. Even the summary is too much to summarize, so read it. MORE
Law Enforcement Leaders Say Encryption Delayed Terrorist Investigation; Apple Pushes Back Although FBI technicians were able to gain access to data in two iPhones belonging to a Saudi national who killed three U.S. MORE
Many Vendors of Illegal Drugs, Weapons, Hacking Tools Prefer Markets With so many cybercrime markets continuing to disappear, why haven't encrypted messaging apps stepped in to fill the gap? But encrypted apps have their own downsides They might seem to be the perfect solution to admins stealing buyers' and sellers' cryptocurrency - via an exit scam - or police infiltration. MORE
After Arresting Phantom Secure CEO, Authorities Reportedly Saw Secrets for Sale The Canadian government has arrested a senior intelligence official on charges of working as a mole. He was reportedly unmasked after investigators found someone had pitched stolen secrets to the CEO of Phantom Secure, a secure smartphone service marketed to criminals that authorities shuttered last year MORE
Romanians Allegedly Ran 'CyberSeal,' 'Dataprotector' and 'Cyberscan' Services Europol has arrested two Romanians for allegedly selling services - including malware encryption - that helped cybercriminals circumvent antivirus tools MORE
173 Learn How To Run Deep SSL Inspection For Encrypted Traffic. View this webinar OnDemand and learn how you can run deep SSL inspection for encrypted traffic MORE
151 
Google discovered a flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption library that could be exploited to get remote code execution. The post Google discloses a severe flaw in widely used Libgcrypt encryption library appeared first on Security Affairs. MORE
Zoom is doing the right thing : it's making end-to-end encryption available to all users, paid and unpaid. cybersecurity encryption securityengineering twofactorauthentication videoconferencing MORE
Navigation and Smartwatch Company Stops Short of Using Term 'Ransomware' Garmin acknowledged Monday that a "cyberattack" that encrypted several of its systems led to outages that affected several of the company's fitness and aviation products along with knocking its homepage and customer service centers offline. MORE
The Video conferencing platform Zoom announced the implementation of end-to-end encryption (E2EE) and its availability starting next week. The popular Video conferencing platform Zoom announced the availability of the end-to-end encryption (E2EE) starting next week. ” With E2EE, users will be able to generate individual encryption keys and use them to protect voice or video calls with encryption protecting them from eavesdropping. MORE
I’ve signed onto a letter to the European Commission on end to end encrypted communications. Software Engineering MORE
Cracking of EncroChat's Network Leads to Hundreds of Arrests in Organized Crime Crackdown European police gained access to messages sent via an encrypted cellular network, leading to the arrest of hundreds of alleged organized crime members, according to Europol MORE
Government Can Force Technology Companies to Break Encryption Australia's Parliament has passed new laws enabling it to compel technology companies to break their own encryption. Although the government argued the laws are needed to combat criminal activity and terrorism, opponents argued the powers could creep beyond their scope and weaken the security of all software MORE
This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee. MORE
Encryption Related Topics Data Breach Today
JANUARY 6, 2021
National Security Agency has released guidance on how the Defense Department, other federal agencies and the contractors that support them should replace obsolete encryption protocols that can enable cyber intrusions. Agency Recommends Replacement of Old TLS and SSL Protocols The U.S.
Data Breach Today
JANUARY 15, 2021
Agency Describes How DoH Can Help Prevent Eavesdropping The NSA has released guidance on how organizations can adopt encrypted domain name system protocols to prevent eavesdropping and manipulation of DNS traffic.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Schneier on Security
MARCH 4, 2020
The BBC is reporting a vulnerability in the Let's Encrypt certificate service: In a notification email to its clients, the organisation said: "We recently discovered a bug in the Let's Encrypt certificate authority code. I am seeing nothing on the Let's Encrypt website.
Data Breach Today
JULY 27, 2020
Navigation and Smartwatch Company Stops Short of Using Term 'Ransomware' Garmin acknowledged Monday that a "cyberattack" that encrypted several of its systems led to outages that affected several of the company's fitness and aviation products along with knocking its homepage and customer service centers offline.
Data Breach Today
NOVEMBER 20, 2020
Romanians Allegedly Ran 'CyberSeal,' 'Dataprotector' and 'Cyberscan' Services Europol has arrested two Romanians for allegedly selling services - including malware encryption - that helped cybercriminals circumvent antivirus tools
Data Breach Today
MARCH 9, 2021
Researchers Describe Sophisticated Phishing Campaign A new phishing campaign distributes ZLoader malware using advanced delivery techniques that demonstrate sophisticated understanding of Microsoft Office document formats and techniques, the security firm Forcepoint X-Labs reports
eSecurity Planet
NOVEMBER 25, 2020
Encryption remains a mainstay of IT security technology, a critical tool for protecting sensitive data. We evaluate the top encryption solutions
Schneier on Security
AUGUST 12, 2020
Mike Stay broke an old zipfile encryption algorithm to recover $300,000 in bitcoin. bitcoin cryptanalysis cryptocurrency cryptography encryptionDefCon talk here.
Dark Reading
DECEMBER 28, 2020
The ability to perform complex calculations on encrypted data promises a new level of privacy and data security for companies in the public and private sectors.
Data Breach Today
DECEMBER 7, 2018
Government Can Force Technology Companies to Break Encryption Australia's Parliament has passed new laws enabling it to compel technology companies to break their own encryption. Although the government argued the laws are needed to combat criminal activity and terrorism, opponents argued the powers could creep beyond their scope and weaken the security of all software
Data Breach Today
JULY 2, 2020
Cracking of EncroChat's Network Leads to Hundreds of Arrests in Organized Crime Crackdown European police gained access to messages sent via an encrypted cellular network, leading to the arrest of hundreds of alleged organized crime members, according to Europol
|
Data Breach Today
JUNE 19, 2020
Teleconference Company Describes Series of Security Measures Zoom will begin beta testing an end-to-end encryption feature in July that it plans to make available at no charge to all who use the paid or free version of its teleconference platform.
WIRED Threat Level
NOVEMBER 29, 2020
As the Signal protocol becomes the industry standard, it's worth understanding what sets it apart from other forms of end-to-end encrypted messaging.
Data Breach Today
JUNE 11, 2020
Learn How To Run Deep SSL Inspection For Encrypted Traffic. View this webinar OnDemand and learn how you can run deep SSL inspection for encrypted traffic
Data Breach Today
JULY 5, 2019
The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. Plus, D-Link's proposed settlement with the FTC and a CISO's update on medical device security
Data Breach Today
MAY 19, 2020
Law Enforcement Leaders Say Encryption Delayed Terrorist Investigation; Apple Pushes Back Although FBI technicians were able to gain access to data in two iPhones belonging to a Saudi national who killed three U.S.
Threatpost
JUNE 24, 2020
The Lawful Access to Encrypted Data Act is being decried as "an awful idea" by security experts. Government Privacy apple Data Privacy Encryption End to end encryption Facebook FBI Lawful Access to Encrypted Data Act Security
Data Breach Today
JULY 26, 2019
The latest edition of the ISMG Security Report offers a deep dive on the debate about whether law enforcement officials should have a "backdoor" to circumvent encryption. Also featured: An analysis of Equifax's settlement with the FTC and a discussion of a new report on the cost of data breaches
Threatpost
JULY 27, 2020
government and tech companies continue to butt heads over the idea of encryption and what that means for law enforcement. Government Newsmaker Interviews Videos apple backdoor EARN IT Encryption FBI government Lawful Access to Encrypted Data ActThe U.S.
Data Breach Today
OCTOBER 4, 2019
US, UK and Australia Push for Law Enforcement Access Facebook is falling under renewed pressure for its plans to make its messaging platforms fully encrypted. The U.S., and Australia are asking Facebook to ensure law enforcement can access messages
Dark Reading
MARCH 8, 2021
Together, the vendor giants aim to make "in use" encryption -- also known as "fully homomorphic encryption" -- economical and practical
Threatpost
OCTOBER 15, 2020
After backlash over false marketing around its encryption policies, Zoom will finally roll out end-to-end encryption next week. Cloud Security Vulnerabilities Web Security coronavirus COVID-19 E2EE Encryption End to end encryption Pandemic remote work Security transport layer security encryption video conferencing security zoom zoom meeting Zoom-bombing
Schneier on Security
JUNE 17, 2020
Zoom is doing the right thing : it's making end-to-end encryption available to all users, paid and unpaid. cybersecurity encryption securityengineering twofactorauthentication videoconferencing
Data Breach Today
FEBRUARY 6, 2020
Stolen Laptop Contained Patient Data on Thousands Just when you thought the days of big data breaches tied to stolen unencrypted laptops were over comes news of an incident in Oregon affecting hundreds of thousands. What happened this time
Schneier on Security
JULY 2, 2019
From a Wired article : Private Join and Compute uses a 1970s methodology known as "commutative encryption" to allow data in the data sets to be encrypted with multiple keys, without it mattering which order the keys are used in. This is helpful for multiparty computation, where you need to apply and later peel away multiple layers of encryption without affecting the computations performed on the encrypted data. cryptography encryption google
Schneier on Security
JUNE 26, 2019
MongoDB now has the ability to encrypt data by field : MongoDB calls the new feature Field Level Encryption. It works kind of like end-to-end encrypted messaging, which scrambles data as it moves across the internet, revealing it only to the sender and the recipient. authentication cryptography encryption hacking keys
Security Affairs
FEBRUARY 1, 2021
Google discovered a flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption library that could be exploited to get remote code execution. The post Google discloses a severe flaw in widely used Libgcrypt encryption library appeared first on Security Affairs.
Schneier on Security
NOVEMBER 6, 2018
Interesting research: " Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs) ": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. This challenges the view that hardware encryption is preferable over software encryption.
Data Breach Today
SEPTEMBER 25, 2020
Many Vendors of Illegal Drugs, Weapons, Hacking Tools Prefer Markets With so many cybercrime markets continuing to disappear, why haven't encrypted messaging apps stepped in to fill the gap? But encrypted apps have their own downsides They might seem to be the perfect solution to admins stealing buyers' and sellers' cryptocurrency - via an exit scam - or police infiltration.
Threatpost
AUGUST 13, 2020
The video-conferencing specialist has yet to roll out full encryption, but it says it's working on it. Government Mobile Security Privacy Web Security Consumer Protection Procedures Act damages End to end encryption false advertising Lawsuit legal challenges sued Washington D.C.
Data Breach Today
JANUARY 8, 2019
Analysis of Common Mistakes Made When Encrypting Data The Marriott mega-breach is calling attention to whether organizations are storing too much data and whether they're adequately protecting it with the proper encryption steps. Experts offer insights on making the right moves
Adam Shostack
NOVEMBER 22, 2020
I’ve signed onto a letter to the European Commission on end to end encrypted communications. Software Engineering
Threatpost
OCTOBER 14, 2020
Intel's addition of memory encryption to its upcoming 3rd generation Xeon Scalable processors matches AMD's Secure Memory Encryption (SME) feature.
Schneier on Security
MARCH 1, 2019
Matthew Green has a super-interesting blog post about information leakage from encrypted databases. academicpapers databases encryptionIt describes the recent work by Paul Grubbs, Marie-Sarah Lacharité, Brice Minaud, and Kenneth G. Paterson. Even the summary is too much to summarize, so read it.
Data Breach Today
JANUARY 22, 2020
Technology Giant Didn't Want to 'Poke the Bear,' Sources Tell Reuters Apple previously scuttled plans add end-to-end encryption to iCloud backups, Reuters reports, noting that such a move would have complicated law enforcement investigations.
Data Breach Today
SEPTEMBER 17, 2019
After Arresting Phantom Secure CEO, Authorities Reportedly Saw Secrets for Sale The Canadian government has arrested a senior intelligence official on charges of working as a mole. He was reportedly unmasked after investigators found someone had pitched stolen secrets to the CEO of Phantom Secure, a secure smartphone service marketed to criminals that authorities shuttered last year
Data Breach Today
MARCH 6, 2020
Mass Revocation Will Bring Too Much Concern, Project Says Let's Encrypt is going to take a softer approach to resolving the impacts from a bug in its systems that issues free TLS certificates.
Schneier on Security
JANUARY 23, 2020
This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee.
Security Affairs
OCTOBER 15, 2020
The Video conferencing platform Zoom announced the implementation of end-to-end encryption (E2EE) and its availability starting next week. The popular Video conferencing platform Zoom announced the availability of the end-to-end encryption (E2EE) starting next week. ” With E2EE, users will be able to generate individual encryption keys and use them to protect voice or video calls with encryption protecting them from eavesdropping.
Let's personalize your content