Expert insights. Personalized for you.
It was just a few short years ago that the tech sector, led by Google, Mozilla and Microsoft, commenced a big push to increase the use of HTTPS – and its underlying TLS authentication and encryption protocol. So cyber criminals, too, have begun regularly using TLS to encrypt their attacks. MORE
Attorney general William Barr seems eager to reignite the encryption wars, starting with the social media giant. Security Security / Privacy MORE
MongoDB now has the ability to encrypt data by field : MongoDB calls the new feature Field Level Encryption. It works kind of like end-to-end encrypted messaging, which scrambles data as it moves across the internet, revealing it only to the sender and the recipient. MORE
The IEEE came out in favor of strong encryption: IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and communications. backdoors encryption keyescrow nationalsecuritypolicy vulnerabilities MORE
Techniques too tough for quantum computing solutions will be part of public cloud and tape storage encryption MORE
This is true even though encryption will impose costs on society, especially victims of other types of crime. [.]. Basically, he argues that the security value of strong encryption greatly outweighs the security value of encryption that can be bypassed. MORE
Technology Giant Didn't Want to 'Poke the Bear,' Sources Tell Reuters Apple previously scuttled plans add end-to-end encryption to iCloud backups, Reuters reports, noting that such a move would have complicated law enforcement investigations. MORE
So-called lightweight encryption has its place. But some researchers argue that more manufacturers should stick with proven methods. Security Security / Security News MORE
Encryption is a cornerstone of digital commerce. Related: A ‘homomorphic-like’ encryption solution We know very well how to encrypt data in transit. And we’ve mastered how to encrypt — and decrypt — data at rest. However, we’ve yet to arrive at a seminal means to crunch encrypted data – without first having to decrypt it. PKI is the authentication and encryption framework on which the Internet is built. MORE
Let’s Encrypt is going to revoke over 3 million certificates today due to a flaw in the software used to verify users and their domains before issuing a certificate. “Let’s Encrypt found a bug in our CAA code. ” reads the advisory published by Let’s Encrypt. MORE
The Apple Mail app available on macOS stores leave s a portion of users encrypted emails in plaintext in a database called snippets. SecurityAffairs – encryption, hacking). The post Apple Mail stores parts of encrypted emails in plaintext DB appeared first on Security Affairs. MORE
The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications. MORE
cryptography encryption germany historyofcryptographyA German auction house is selling an SG-41. It looks beautiful. Starting price is 75,000 euros. My guess is that it will sell for around 100K euros. MORE
Interesting research: " Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs) ": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. MORE
The BBC is reporting a vulnerability in the Let's Encrypt certificate service: In a notification email to its clients, the organisation said: "We recently discovered a bug in the Let's Encrypt certificate authority code. I am seeing nothing on the Let's Encrypt website. MORE
academicpapers algorithms backdoors cryptanalysis cryptography encryption hashes russiaA pair of Russia-designed cryptographic algorithms -- the Kuznyechik block cipher and the Streebog hash function -- have the same flawed S-box that is almost certainly an intentional backdoor. MORE
It has issued yet another patch for its Management Engine after a researcher was able to extract two types of encryption keys. Researcher Finds Intel's Previous Management Engine Patches Weren't Foolproof Intel has had a challenging time of late on the vulnerability front. MORE
The latest edition of the ISMG Security Report offers a deep dive on the debate about whether law enforcement officials should have a "backdoor" to circumvent encryption. MORE
From a Wired article : Private Join and Compute uses a 1970s methodology known as "commutative encryption" to allow data in the data sets to be encrypted with multiple keys, without it mattering which order the keys are used in. cryptography encryption google MORE
Yesterday, Attorney General William Barr gave a major speech on encryption policy -- what is commonly known as "going dark." Nor are we necessarily talking about the customized encryption used by large business enterprises to protect their operations. MORE
DHS, Philips Issue Advisories for HealthSuite Android Health App The lack of strong encryption in Philips' HealthSuite Health Android app leaves the mobile health software vulnerable to hacking, according to a new advisory issued by the medical device manufacturer and an alert from the Department of Homeland Security. MORE
Web Conferencing Provider Blames Routing of Keys via China on Scaling-Up Error Zoom, responding to research that identified encryption and infrastructure shortcomings in its audio and video conferencing software, has promised to further revamp its security controls. MORE
Mass Revocation Will Bring Too Much Concern, Project Says Let's Encrypt is going to take a softer approach to resolving the impacts from a bug in its systems that issues free TLS certificates. MORE
Analysis of Common Mistakes Made When Encrypting Data The Marriott mega-breach is calling attention to whether organizations are storing too much data and whether they're adequately protecting it with the proper encryption steps. MORE
Stolen Laptop Contained Patient Data on Thousands Just when you thought the days of big data breaches tied to stolen unencrypted laptops were over comes news of an incident in Oregon affecting hundreds of thousands. What happened this time MORE
Last month, Attorney General William Barr gave a major speech on encryption policywhat is commonly known as "going dark." Nor are we necessarily talking about the customized encryption used by large business enterprises to protect their operations. MORE
PDFex can bypass encryption and password protection in most PDF readers and online validation services. Hacks Vulnerabilities Adobe Acrobat chrome Encryption Firefox password protection Passwords PDF PDF files PDFex public key encryption MORE
US, UK and Australia Push for Law Enforcement Access Facebook is falling under renewed pressure for its plans to make its messaging platforms fully encrypted. MORE
Matthew Green has a super-interesting blog post about information leakage from encrypted databases. academicpapers databases encryptionIt describes the recent work by Paul Grubbs, Marie-Sarah Lacharité, Brice Minaud, and Kenneth G. Paterson. MORE
After Arresting Phantom Secure CEO, Authorities Reportedly Saw Secrets for Sale The Canadian government has arrested a senior intelligence official on charges of working as a mole. MORE
Security teams have been slow to embrace enterprisewide encryption, and for good reasons. But the truth is, it doesn't have to be an all-or-nothing endeavor MORE
Senate Committee Reviewing Law With an Eye to Amend Technology organizations say Australia's anti-encryption law passed in December is already undermining trust in their local operations. MORE
Techniques too tough for quantum computing solutions will be part of public cloud and tape storage encryption MORE
Last month, Wired published a long article about Ray Ozzie and his supposed new scheme for adding a backdoor in encrypted devices. The public key goes into the processor and the device, and is used to encrypt whatever user key encrypts the data. MORE
Some G7 countries highlight the importance of not prohibiting, limiting, or weakening encryption; There is a weird belief amongst policy makers that hacking an encryption system's key management system is fundamentally different than hacking the system's encryption algorithm. MORE
Director Calls For 'Responsible' Solution That's Not a Backdoor FBI Director Christopher Wray says the agency was unable to access nearly 7,800 devices in fiscal 2017 because of encryption, which he alleges will pose ever-increasing complications for law enforcement. MORE
Government Can Force Technology Companies to Break Encryption Australia's Parliament has passed new laws enabling it to compel technology companies to break their own encryption. Although the government argued the laws are needed to combat criminal activity and terrorism, opponents argued the powers could creep beyond their scope and weaken the security of all software MORE
At least one presidential candidate has a policy about quantum computing and encryption. One: fund quantum-resistant encryption standards. blockchain cryptography encryption nationalsecuritypolicy quantumcomputing MORE
This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee. MORE
Data encryption has been around almost since the age of computers. In truth, anyone with minimal experience can write a simple script that uses default services built into virtually every OS to encrypt data. The answer to these question changes your encryption strategy. MORE
Encryption Related Topics Schneier on Security
MARCH 4, 2020
The BBC is reporting a vulnerability in the Let's Encrypt certificate service: In a notification email to its clients, the organisation said: "We recently discovered a bug in the Let's Encrypt certificate authority code. I am seeing nothing on the Let's Encrypt website.
Data Breach Today
APRIL 6, 2020
Web Conferencing Provider Blames Routing of Keys via China on Scaling-Up Error Zoom, responding to research that identified encryption and infrastructure shortcomings in its audio and video conferencing software, has promised to further revamp its security controls.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
JULY 5, 2019
The latest edition of the ISMG Security Report analyzes the debate over whether the government should require technology firms to use weak encryption for messaging applications.
Data Breach Today
OCTOBER 4, 2019
US, UK and Australia Push for Law Enforcement Access Facebook is falling under renewed pressure for its plans to make its messaging platforms fully encrypted.
Data Breach Today
JULY 26, 2019
The latest edition of the ISMG Security Report offers a deep dive on the debate about whether law enforcement officials should have a "backdoor" to circumvent encryption.
Schneier on Security
JUNE 26, 2019
MongoDB now has the ability to encrypt data by field : MongoDB calls the new feature Field Level Encryption. It works kind of like end-to-end encrypted messaging, which scrambles data as it moves across the internet, revealing it only to the sender and the recipient.
|
Data Breach Today
DECEMBER 7, 2018
Government Can Force Technology Companies to Break Encryption Australia's Parliament has passed new laws enabling it to compel technology companies to break their own encryption. Although the government argued the laws are needed to combat criminal activity and terrorism, opponents argued the powers could creep beyond their scope and weaken the security of all software
Schneier on Security
JULY 2, 2019
From a Wired article : Private Join and Compute uses a 1970s methodology known as "commutative encryption" to allow data in the data sets to be encrypted with multiple keys, without it mattering which order the keys are used in. cryptography encryption google
Data Breach Today
MARCH 6, 2020
Mass Revocation Will Bring Too Much Concern, Project Says Let's Encrypt is going to take a softer approach to resolving the impacts from a bug in its systems that issues free TLS certificates.
Data Breach Today
SEPTEMBER 17, 2019
After Arresting Phantom Secure CEO, Authorities Reportedly Saw Secrets for Sale The Canadian government has arrested a senior intelligence official on charges of working as a mole.
Data Breach Today
JANUARY 8, 2019
Analysis of Common Mistakes Made When Encrypting Data The Marriott mega-breach is calling attention to whether organizations are storing too much data and whether they're adequately protecting it with the proper encryption steps.
|
|
Schneier on Security
MARCH 1, 2019
Matthew Green has a super-interesting blog post about information leakage from encrypted databases. academicpapers databases encryptionIt describes the recent work by Paul Grubbs, Marie-Sarah Lacharité, Brice Minaud, and Kenneth G. Paterson.
Schneier on Security
NOVEMBER 6, 2018
Interesting research: " Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs) ": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware.
Data Breach Today
JANUARY 22, 2020
Technology Giant Didn't Want to 'Poke the Bear,' Sources Tell Reuters Apple previously scuttled plans add end-to-end encryption to iCloud backups, Reuters reports, noting that such a move would have complicated law enforcement investigations.
Dark Reading
AUGUST 7, 2019
Security teams have been slow to embrace enterprisewide encryption, and for good reasons. But the truth is, it doesn't have to be an all-or-nothing endeavor
Schneier on Security
MAY 10, 2019
academicpapers algorithms backdoors cryptanalysis cryptography encryption hashes russiaA pair of Russia-designed cryptographic algorithms -- the Kuznyechik block cipher and the Streebog hash function -- have the same flawed S-box that is almost certainly an intentional backdoor.
Schneier on Security
JULY 24, 2019
Yesterday, Attorney General William Barr gave a major speech on encryption policy -- what is commonly known as "going dark." Nor are we necessarily talking about the customized encryption used by large business enterprises to protect their operations.
Schneier on Security
MAY 23, 2019
cryptography encryption germany historyofcryptographyA German auction house is selling an SG-41. It looks beautiful. Starting price is 75,000 euros. My guess is that it will sell for around 100K euros.
Threatpost
OCTOBER 2, 2019
PDFex can bypass encryption and password protection in most PDF readers and online validation services. Hacks Vulnerabilities Adobe Acrobat chrome Encryption Firefox password protection Passwords PDF PDF files PDFex public key encryption
Data Breach Today
FEBRUARY 26, 2019
Senate Committee Reviewing Law With an Eye to Amend Technology organizations say Australia's anti-encryption law passed in December is already undermining trust in their local operations.
Schneier on Security
APRIL 23, 2019
Some G7 countries highlight the importance of not prohibiting, limiting, or weakening encryption; There is a weird belief amongst policy makers that hacking an encryption system's key management system is fundamentally different than hacking the system's encryption algorithm.
Dark Reading
AUGUST 23, 2019
Techniques too tough for quantum computing solutions will be part of public cloud and tape storage encryption
Dark Reading
AUGUST 23, 2019
Techniques too tough for quantum computing solutions will be part of public cloud and tape storage encryption
Schneier on Security
AUGUST 14, 2019
Last month, Attorney General William Barr gave a major speech on encryption policywhat is commonly known as "going dark." Nor are we necessarily talking about the customized encryption used by large business enterprises to protect their operations.
Data Breach Today
DECEMBER 11, 2018
DHS, Philips Issue Advisories for HealthSuite Android Health App The lack of strong encryption in Philips' HealthSuite Health Android app leaves the mobile health software vulnerable to hacking, according to a new advisory issued by the medical device manufacturer and an alert from the Department of Homeland Security.
Thales eSecurity
MARCH 13, 2018
Data encryption has been around almost since the age of computers. In truth, anyone with minimal experience can write a simple script that uses default services built into virtually every OS to encrypt data. The answer to these question changes your encryption strategy.
Schneier on Security
MAY 7, 2018
Last month, Wired published a long article about Ray Ozzie and his supposed new scheme for adding a backdoor in encrypted devices. The public key goes into the processor and the device, and is used to encrypt whatever user key encrypts the data.
Security Affairs
MARCH 4, 2020
Let’s Encrypt is going to revoke over 3 million certificates today due to a flaw in the software used to verify users and their domains before issuing a certificate. “Let’s Encrypt found a bug in our CAA code. ” reads the advisory published by Let’s Encrypt.
Schneier on Security
JULY 12, 2019
At least one presidential candidate has a policy about quantum computing and encryption. One: fund quantum-resistant encryption standards. blockchain cryptography encryption nationalsecuritypolicy quantumcomputing
Schneier on Security
JUNE 27, 2018
The IEEE came out in favor of strong encryption: IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and communications. backdoors encryption keyescrow nationalsecuritypolicy vulnerabilities
Data Breach Today
SEPTEMBER 14, 2018
It has issued yet another patch for its Management Engine after a researcher was able to extract two types of encryption keys. Researcher Finds Intel's Previous Management Engine Patches Weren't Foolproof Intel has had a challenging time of late on the vulnerability front.
Schneier on Security
OCTOBER 28, 2019
This is true even though encryption will impose costs on society, especially victims of other types of crime. [.]. Basically, he argues that the security value of strong encryption greatly outweighs the security value of encryption that can be bypassed.
WIRED Threat Level
NOVEMBER 23, 2019
So-called lightweight encryption has its place. But some researchers argue that more manufacturers should stick with proven methods. Security Security / Security News
Data Breach Today
JANUARY 10, 2018
Director Calls For 'Responsible' Solution That's Not a Backdoor FBI Director Christopher Wray says the agency was unable to access nearly 7,800 devices in fiscal 2017 because of encryption, which he alleges will pose ever-increasing complications for law enforcement.
The Last Watchdog
MARCH 17, 2020
Encryption is a cornerstone of digital commerce. Related: A ‘homomorphic-like’ encryption solution We know very well how to encrypt data in transit. And we’ve mastered how to encrypt — and decrypt — data at rest. However, we’ve yet to arrive at a seminal means to crunch encrypted data – without first having to decrypt it. PKI is the authentication and encryption framework on which the Internet is built.
The Last Watchdog
FEBRUARY 18, 2020
It was just a few short years ago that the tech sector, led by Google, Mozilla and Microsoft, commenced a big push to increase the use of HTTPS – and its underlying TLS authentication and encryption protocol. So cyber criminals, too, have begun regularly using TLS to encrypt their attacks.
Security Affairs
NOVEMBER 10, 2019
The Apple Mail app available on macOS stores leave s a portion of users encrypted emails in plaintext in a database called snippets. SecurityAffairs – encryption, hacking). The post Apple Mail stores parts of encrypted emails in plaintext DB appeared first on Security Affairs.
Schneier on Security
JANUARY 23, 2020
This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee.
WIRED Threat Level
OCTOBER 3, 2019
Attorney general William Barr seems eager to reignite the encryption wars, starting with the social media giant. Security Security / Privacy
153 
Let's personalize your content