INDUSTRY INSIGHTS YOUR PEERS ARE READING
Collateral damage is already being felt by the likes of Signal, a popular, encrypted-messaging app blocked by some governments MORE
Now in its 13 th year, our Global Encryption Trends Study that is performed by the Ponemon Institute reveals interesting findings that span a dozen different geographies. Below I have highlighted other key trends revealed in the 2018 France Encryption Trends Study. Encryption MORE
Internet infrastructure company Cloudflare appears to be preparing to launch a service to encrypt traffic to the computers that look up web addresses. Business Security MORE
Nowhere GDPR Articles mention that encryption is necessary but implementing such measures can reduce the occurrence of a data breach. GDPR Compliant Encryption Methods. The two most commonly stated GDPR-compliant encryption methods mentioned in the GDPR Articles are as follows, 1. MORE
Apple is bowing to pressure from the Chinese government and storing encryption keys in China. apple china cloudcomputing encryption iphone keyescrow privacy MORE
PCI-DSS Requirement Looms on June 30 New PCI requirements that go into effect June 30 are pushing payment card acquirers, processors, gateways and service providers worldwide to implement more secure encryption protocols for transactions. MORE
Researchers demonstrate how an encrypted macOS hard drive can still leak unprotected data via the operating system’s Finder and QuickLook feature. Cryptography Hacks Privacy Apple File System containers encrypted hard drive macOS Patrick Wardle QuickLook VeraCrypt container MORE
The IEEE came out in favor of strong encryption: IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and communications. backdoors encryption keyescrow nationalsecuritypolicy vulnerabilities MORE
One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. The encryption in our products is handled by a chip inside the actual hardware itself. MORE
Large data scale breaches have led an increasing number of companies to embrace comprehensive encryption strategies to protect their assets. Solutions for Transparent Database Encryption. Streamlining operations and improving security. MORE
The maker of an encrypted messaging app that’s prized by those seeking privacy lost a bid before Russia’s Supreme Court to block security services from getting access to users’ data. Encryption Data security Cyber security MORE
It's a new name for an old argument: that public agencies fighting crime and terrorism must have access to our private communications—for our own good. Security MORE
Government moves ahead with legislation despite criticism from the opposition The Australian government is pushing ahead with controversial legislation it says will create “back doors” into encrypted communication services – but still can’t say when it will introduce the bill. Related: We need to build a new social contract for the digital age | Kevin Keith Related: New law would force Facebook and Google to give police access to encrypted messages Continue reading. MORE
This article says that the Virginia Beach police are looking to buy encrypted radios. Virginia Beach police believe encryption will prevent criminals from listening to police communications. backdoors encryption lawenforcement police MORE
Earlier this month, I wrote about a statement by the Five Eyes countries about encryption and back doors. backdoors cryptowars cryptography encryption intelligence lawenforcement privacy MORE
Virtual machines that use AMD’s hardware-based encryption scheme are vulnerable to attacks that can extract the full contents of their main memory – in plaintext. Uncategorized AMD attack Encryption Hypervisor Research Secure Processor sev severed virtual machine virtualization VM MORE
Interesting research: " Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs) ": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. MORE
An analysis of FBI Director Christopher Wray's comments about how encryption poses complications for law enforcement officials leads the latest edition of the ISMG Security Report. Also featured: The former CISO of the state of Michigan sizes up cybersecurity forecasts MORE
Cloud providers have done a good job of integrating default encryption services within their core infrastructure. However, as discussed in previous blogs , the encryption service is only as secure as the keys that are used to encrypt the data. MORE
It has issued yet another patch for its Management Engine after a researcher was able to extract two types of encryption keys. Researcher Finds Intel's Previous Management Engine Patches Weren't Foolproof Intel has had a challenging time of late on the vulnerability front. MORE
Seems like everyone is writing about encryption and backdoors this season. Policy Approaches to the Encryption Debate ," R Street Policy Study #133, by Charles Duan, Arthur Rizer, Zach Graves and Mike Godwin. Encryption Policy in Democratic Regimes ," East West Institute. MORE
German researchers say that a flaw in the app's group-chat feature undermines its end-to-end encryption promises. Security MORE
Let’s Encrypt certificates can now stand on their own for almost all newer versions of operating systems, browsers and devices. Web Security browsers digital certificates direct trust HTTPS Let's Encrypt Microsoft MORE
An analysis of a crackdown on criminals' use of encrypted communications leads the latest edition of the ISMG Security Report. Also: a preview of ISMG's Healthcare Security and Legal & Compliance summits, including expert insights on vendor risk management MORE
After years of lingering questions about Skype's commitment to protecting user data, it will soon offer end-to-end encryption to its 300 million monthly users. Security MORE
Security agencies would be given access to encrypted messaging apps under bid to ‘modernise’ laws Technology companies such as Facebook and Google would be forced to give Australian security agencies access to encrypted data under legislation to be introduced by the Turnbull government. Related: Encryption keeps us safe. Data protection Australia news Australian security and counter-terrorism Technology Encryption Facebook Google Social networking MORE
Six months since the GDPR (General Data Protection Regulation) came into force, pseudonymisation and data encryption remain the only technology measures specifically mentioned in the famously technology-agnostic Regulation. But what exactly is meant by ‘pseudonymisation’ and ‘encryption’? MORE
To combat threats and keep data safe, IT teams must employ robust encryption, key management, and access controls. To secure storage, many organizations have been leveraging native encryption offerings from their storage vendors. MORE
FBI stats about inaccessible cellphones were inflated, undermining already controversial bureau claims about the threat of encryption. Security MORE
The debate over the government's authority to access private encrypted data on digital devices was amplified when the Federal Bureau of Investigation Director Christopher Wray called unbreakable encryption an 'urgent public safety issue.'. google iPhone 5c iPhone encryption San Bernardino smartphone encryption terrorist U.S. MORE
Cryptography Privacy Vulnerabilities Bitlocker crucial data encryption physical access raboud university Samsung solid state drives vulnerabilityFirmware updates won't address the problem, so admins need to take other action. MORE
The encryption system implemented by popular solid-state drives (SSDs) is affected by critical vulnerabilities that could be exploited by a local attacker to decrypt data. “We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. MORE
One of the long standing challenges with security applications that involve data encryption has been key management. Vormetric Application Encryption. Today’s Vormetric Application Encryption provides a library that provides the PKCS #11 interface as a dynamically loadable library (.DLL) MORE
Last month, Wired published a long article about Ray Ozzie and his supposed new scheme for adding a backdoor in encrypted devices. The public key goes into the processor and the device, and is used to encrypt whatever user key encrypts the data. MORE
encryption will benefit the payments ecosystem, it'll be rough going for those with older devices. While ditching TLS 1.0 Security MORE
As recent events have shown, using an encrypted messaging app like WhatsApp or Signal is no privacy panacea. Security MORE
Geopolitical changes drive personal encryption among security pros, who are increasingly worried about encryption backdoors MORE
An attack called eFail overcomes the protections of encrypted email standards PGP and S/MIME. Security MORE
Director Calls For 'Responsible' Solution That's Not a Backdoor FBI Director Christopher Wray says the agency was unable to access nearly 7,800 devices in fiscal 2017 because of encryption, which he alleges will pose ever-increasing complications for law enforcement. MORE
As a result, database encryption has never been more crucial in order to protect the massive amounts of information that is held in the diverse mix of databases that large enterprises rely on today, including relational, SQL, NoSQL and big data environments. Database Encryption MORE
Pixek, an end-to-end encrypted photo app, could point to the future of searchable cloud data storage. Security MORE
Should law enforcement and military officials have access to a digital backdoor enabling them to bypass any and all types of encryption that exist today? The disturbing thing is that in North America and Europe more and more arguments are being raised in support of creating and maintaining encryption backdoors for government use. Here are excerpts edited for clarity and space: LW: What’s wrong with granting governments the ability to break encryption? MORE
Data encryption has been around almost since the age of computers. In truth, anyone with minimal experience can write a simple script that uses default services built into virtually every OS to encrypt data. The answer to these question changes your encryption strategy. MORE
To address this, many regulations and enterprise policies turn to encryption as a safe and efficient way to protect data. Encryption adds security at the root of the risk, which is not at the client, server, or device layer but rather at the data itself. MORE
Encryption Related Topics Schneier on Security
NOVEMBER 6, 2018
Interesting research: " Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs) ": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware.
Perficient Data & Analytics
OCTOBER 25, 2018
Nowhere GDPR Articles mention that encryption is necessary but implementing such measures can reduce the occurrence of a data breach. GDPR Compliant Encryption Methods. The two most commonly stated GDPR-compliant encryption methods mentioned in the GDPR Articles are as follows, 1.
IT Governance
NOVEMBER 13, 2018
Six months since the GDPR (General Data Protection Regulation) came into force, pseudonymisation and data encryption remain the only technology measures specifically mentioned in the famously technology-agnostic Regulation. But what exactly is meant by ‘pseudonymisation’ and ‘encryption’?
Data Breach Today
SEPTEMBER 14, 2018
It has issued yet another patch for its Management Engine after a researcher was able to extract two types of encryption keys. Researcher Finds Intel's Previous Management Engine Patches Weren't Foolproof Intel has had a challenging time of late on the vulnerability front.
Security Affairs
NOVEMBER 6, 2018
The encryption system implemented by popular solid-state drives (SSDs) is affected by critical vulnerabilities that could be exploited by a local attacker to decrypt data. “We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware.
Schneier on Security
OCTOBER 1, 2018
Earlier this month, I wrote about a statement by the Five Eyes countries about encryption and back doors. backdoors cryptowars cryptography encryption intelligence lawenforcement privacy
Thales Data Security
MARCH 13, 2018
Data encryption has been around almost since the age of computers. In truth, anyone with minimal experience can write a simple script that uses default services built into virtually every OS to encrypt data. The answer to these question changes your encryption strategy.
Data Breach Today
NOVEMBER 9, 2018
An analysis of a crackdown on criminals' use of encrypted communications leads the latest edition of the ISMG Security Report. Also: a preview of ISMG's Healthcare Security and Legal & Compliance summits, including expert insights on vendor risk management
Schneier on Security
JUNE 27, 2018
The IEEE came out in favor of strong encryption: IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and communications. backdoors encryption keyescrow nationalsecuritypolicy vulnerabilities
Data Breach Today
JANUARY 10, 2018
Director Calls For 'Responsible' Solution That's Not a Backdoor FBI Director Christopher Wray says the agency was unable to access nearly 7,800 devices in fiscal 2017 because of encryption, which he alleges will pose ever-increasing complications for law enforcement.
Schneier on Security
MAY 9, 2018
This article says that the Virginia Beach police are looking to buy encrypted radios. Virginia Beach police believe encryption will prevent criminals from listening to police communications. backdoors encryption lawenforcement police
The Last Watchdog
JULY 30, 2018
One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. The encryption in our products is handled by a chip inside the actual hardware itself.
Data Breach Today
MAY 2, 2018
PCI-DSS Requirement Looms on June 30 New PCI requirements that go into effect June 30 are pushing payment card acquirers, processors, gateways and service providers worldwide to implement more secure encryption protocols for transactions.
Thales Data Security
MAY 3, 2018
Large data scale breaches have led an increasing number of companies to embrace comprehensive encryption strategies to protect their assets. Solutions for Transparent Database Encryption. Streamlining operations and improving security.
Threatpost
NOVEMBER 6, 2018
Cryptography Privacy Vulnerabilities Bitlocker crucial data encryption physical access raboud university Samsung solid state drives vulnerabilityFirmware updates won't address the problem, so admins need to take other action.
Schneier on Security
FEBRUARY 28, 2018
Apple is bowing to pressure from the Chinese government and storing encryption keys in China. apple china cloudcomputing encryption iphone keyescrow privacy
Schneier on Security
MARCH 12, 2018
Seems like everyone is writing about encryption and backdoors this season. Policy Approaches to the Encryption Debate ," R Street Policy Study #133, by Charles Duan, Arthur Rizer, Zach Graves and Mike Godwin. Encryption Policy in Democratic Regimes ," East West Institute.
Data Breach Today
MAY 2, 2018
Collateral damage is already being felt by the likes of Signal, a popular, encrypted-messaging app blocked by some governments
Data Breach Today
JANUARY 12, 2018
An analysis of FBI Director Christopher Wray's comments about how encryption poses complications for law enforcement officials leads the latest edition of the ISMG Security Report. Also featured: The former CISO of the state of Michigan sizes up cybersecurity forecasts
WIRED Threat Level
MAY 23, 2018
FBI stats about inaccessible cellphones were inflated, undermining already controversial bureau claims about the threat of encryption. Security
Thales Data Security
MARCH 28, 2018
Cloud providers have done a good job of integrating default encryption services within their core infrastructure. However, as discussed in previous blogs , the encryption service is only as secure as the keys that are used to encrypt the data.
WIRED Threat Level
JUNE 6, 2018
encryption will benefit the payments ecosystem, it'll be rough going for those with older devices. While ditching TLS 1.0 Security
Thales Data Security
OCTOBER 25, 2017
To combat threats and keep data safe, IT teams must employ robust encryption, key management, and access controls. To secure storage, many organizations have been leveraging native encryption offerings from their storage vendors.
Thales Data Security
JULY 26, 2018
As a result, database encryption has never been more crucial in order to protect the massive amounts of information that is held in the diverse mix of databases that large enterprises rely on today, including relational, SQL, NoSQL and big data environments. Database Encryption
Thales Data Security
SEPTEMBER 20, 2018
Now in its 13 th year, our Global Encryption Trends Study that is performed by the Ponemon Institute reveals interesting findings that span a dozen different geographies. Below I have highlighted other key trends revealed in the 2018 France Encryption Trends Study. Encryption
The Last Watchdog
SEPTEMBER 17, 2018
Should law enforcement and military officials have access to a digital backdoor enabling them to bypass any and all types of encryption that exist today? The disturbing thing is that in North America and Europe more and more arguments are being raised in support of creating and maintaining encryption backdoors for government use. Here are excerpts edited for clarity and space: LW: What’s wrong with granting governments the ability to break encryption?
WIRED Threat Level
MARCH 30, 2018
Internet infrastructure company Cloudflare appears to be preparing to launch a service to encrypt traffic to the computers that look up web addresses. Business Security
Thales Data Security
JANUARY 18, 2018
To address this, many regulations and enterprise policies turn to encryption as a safe and efficient way to protect data. Encryption adds security at the root of the risk, which is not at the client, server, or device layer but rather at the data itself.
WIRED Threat Level
JUNE 14, 2018
As recent events have shown, using an encrypted messaging app like WhatsApp or Signal is no privacy panacea. Security
WIRED Threat Level
MAY 14, 2018
An attack called eFail overcomes the protections of encrypted email standards PGP and S/MIME. Security
Threatpost
JANUARY 10, 2018
The debate over the government's authority to access private encrypted data on digital devices was amplified when the Federal Bureau of Investigation Director Christopher Wray called unbreakable encryption an 'urgent public safety issue.'. google iPhone 5c iPhone encryption San Bernardino smartphone encryption terrorist U.S.
WIRED Threat Level
JANUARY 22, 2018
Pixek, an end-to-end encrypted photo app, could point to the future of searchable cloud data storage. Security
WIRED Threat Level
JANUARY 14, 2018
It's a new name for an old argument: that public agencies fighting crime and terrorism must have access to our private communications—for our own good. Security
WIRED Threat Level
JANUARY 11, 2018
After years of lingering questions about Skype's commitment to protecting user data, it will soon offer end-to-end encryption to its 300 million monthly users. Security
Threatpost
AUGUST 7, 2018
Let’s Encrypt certificates can now stand on their own for almost all newer versions of operating systems, browsers and devices. Web Security browsers digital certificates direct trust HTTPS Let's Encrypt Microsoft
Thales Data Security
APRIL 18, 2018
One of the long standing challenges with security applications that involve data encryption has been key management. Vormetric Application Encryption. Today’s Vormetric Application Encryption provides a library that provides the PKCS #11 interface as a dynamically loadable library (.DLL)
The Guardian Data Protection
JUNE 6, 2018
Security agencies would be given access to encrypted messaging apps under bid to ‘modernise’ laws Technology companies such as Facebook and Google would be forced to give Australian security agencies access to encrypted data under legislation to be introduced by the Turnbull government. Related: Encryption keeps us safe. Data protection Australia news Australian security and counter-terrorism Technology Encryption Facebook Google Social networking
Threatpost
JUNE 18, 2018
Researchers demonstrate how an encrypted macOS hard drive can still leak unprotected data via the operating system’s Finder and QuickLook feature. Cryptography Hacks Privacy Apple File System containers encrypted hard drive macOS Patrick Wardle QuickLook VeraCrypt container
Dark Reading
MAY 10, 2018
Geopolitical changes drive personal encryption among security pros, who are increasingly worried about encryption backdoors
Threatpost
MAY 29, 2018
Virtual machines that use AMD’s hardware-based encryption scheme are vulnerable to attacks that can extract the full contents of their main memory – in plaintext. Uncategorized AMD attack Encryption Hypervisor Research Secure Processor sev severed virtual machine virtualization VM
Information Management Resources
MARCH 21, 2018
The maker of an encrypted messaging app that’s prized by those seeking privacy lost a bid before Russia’s Supreme Court to block security services from getting access to users’ data. Encryption Data security Cyber security
The Guardian Data Protection
APRIL 12, 2018
Government moves ahead with legislation despite criticism from the opposition The Australian government is pushing ahead with controversial legislation it says will create “back doors” into encrypted communication services – but still can’t say when it will introduce the bill. Related: We need to build a new social contract for the digital age | Kevin Keith Related: New law would force Facebook and Google to give police access to encrypted messages Continue reading.
WIRED Threat Level
JANUARY 10, 2018
German researchers say that a flaw in the app's group-chat feature undermines its end-to-end encryption promises. Security
141 
Let's personalize your content