Google Releases Basic Homomorphic Encryption Tool

Schneier on Security

Google has released an open-source cryptographic tool: Private Join and Compute. This is helpful for multiparty computation, where you need to apply and later peel away multiple layers of encryption without affecting the computations performed on the encrypted data.

How to get back files encrypted by the Hacked Ransomware for free

Security Affairs

The Hacked Ransomware was first spotted in 2017, it appends.hacked extension to the encrypted files and includes ransom notes in Italian, English, Spanish, and Turkish. Well, experts an Emsisoft also released a free decryptor tool for this threat.

Slack Launched Encryption Key Addon For Businesses

Security Affairs

Slack announced today to launch encryption keys that will help businesses to protect their data. Slack announced today to launch encryption keys that will help businesses to protect their data. Slack announced today to launch encryption keys that will help businesses to protect their data. What is the purpose of Enterprise Key Management if Slack really encrypts the data? Slack currently encrypts your data in transit and at rest.

A free Decryptor tool for GandCrab Ransomware released

Security Affairs

Good news for the victims of the latest variants of the GandCrab ransomware , NoMoreRansomware released a free decryption tool. Victims of the latest variants of the GandCrab ransomware can now decrypt their files for free using a free decryptor tool released on the the NoMoreRansom website.

Tools 94

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. The encryption in our products is handled by a chip inside the actual hardware itself.

GCHQ implements World War II cipher machines in encryption app CyberChef

Security Affairs

UK intelligence agency GCHQ released emulators for World War II cipher machines (Enigma, Typex and The Bombe) that can be executed in the encryption app CyberChef. The GCHQ released the source code of the tool on GitHub in November 2016, alongside with a demo.

Experts released a free Decryption Tool for GandCrab ransomware

Security Affairs

Good news for the victims of the infamous GandCrab ransomware, security experts have created a decryption tool that allows them to decrypts files without paying the ransom. “This tool recovers files encrypted by GandCrab ransomware versions 1, 4 and 5.”

Tools 110

Why Enterprises Should Control Their Encryption Keys

Thales eSecurity

Cloud providers have done a good job of integrating default encryption services within their core infrastructure. However, as discussed in previous blogs , the encryption service is only as secure as the keys that are used to encrypt the data.

IoT Inspector Tool from Princeton

Schneier on Security

Researchers at Princeton University have released IoT Inspector , a tool that analyzes the security and privacy of IoT devices by examining the data they send across the Internet. They've already used the tool to study a bunch of different IoT devices.

IoT 78

New Free Decryption Tool for GandCrab

Dark Reading

Tool rescues GandCrab victims from malicious encryption

Encryption is Necessary, Tools and Tips Make It Easier

Dark Reading

In the InteropITX conference, a speaker provided tips, tools, and incentives for moving to pervasive encryption in the enterprise

Microsoft 365 Updated with New Compliance, Encryption, Privacy Controls

Dark Reading

New tools, such as Compliance Manager and Advanced Message Encryption, aim to give businesses more options for data privacy

Tools 63

Always Encrypted: Database Security Product Overview and Analysis

eSecurity Planet

We review Always Encrypted, a free database security tool included with Microsoft SQL Server

Tools 45

U.S. Healthcare Industry Needs a Shot in the Arm When it Comes to Data Protection: 70% experienced a breach; Less than 38% are encrypting even as threats increase

Thales eSecurity

They’re counting on the fact that only 38% or less of healthcare organizations encrypt data. Unfortunately, healthcare organizations fail to encrypt everything even as they face this ever-expanding threat surface due to the sheer volume of personally identifiable information they process.

The Multi-Cloud Era Creates New Encryption Challenges

Thales eSecurity

Key Findings from the 2018 Global Encryption Trends Study. No core technologies are more fundamental to data protection than encryption and key management. 39% encrypt extensively in public cloud services, a number which has grown significantly just in the past year.

Encryption keeps us safe. It must not be compromised with ‘backdoors’ | Robby Mook

The Guardian Data Protection

I worry the current rhetoric around encryption is ignoring that lesson. The deputy attorney general, Rod Rosenstein, has called for “responsible encryption” that would allow officials to unlock encrypted data with a warrant. Christopher Wray, the director of the FBI, recently said that lack of access to encrypted smartphones was a “major public safety issue”. In the UK, the home secretary, Amber Rudd, has repeatedly said that encryption is a “problem”.

National Academy of Sciences Encryption Study

Data Matters

After supporters and opponents of mandated government access to encrypted communications publicly feuded for much of 2016, reprising arguments they’ve had since at least the days of the “Clipper Chip,” these “encryption debates” seemed to quiet down for much of last year. Wray further argued that, while the FBI “supports information security measures, including strong encryption[,]. Few would describe 2017 as a quiet year.

Making the Case for Encryption in the Era of Digital Transformation – Highlights from our Annual Data Threat Report

Thales eSecurity

A great way to mitigate some of the risks associated with cloud or multi-cloud environments is to deploy encryption solutions. In fact, 38% of organizations’ security concerns with cloud environments would be alleviated with data encryption at the service provider level. Beyond alleviating cloud concerns, encryption was identified as the top tool to drive the use of other digitally transformative technologies like, big data, IoT and containers, according to this year’s DTR.

Frankenstein campaign: threat actors put together open-source tools for highly-targeted attacks

Security Affairs

Cisco Talos experts uncovered a new wave of attacks tracked as Frankenstein campaign, attackers used tools built by combining four open-source techniques. Then the data is sent back to the C&C server via an encrypted channel. “A

Tools 75

AUSTRALIA: Assistance and Access Act, December 2018 – Holy grail of uncertainty created by new rushed-in data encryption laws

DLA Piper Privacy Matters

According to its Explanatory Memorandum, the Act is intended to ‘introduce measures to better deal with the challenges posed by ubiquitous encryption ‘ It amends primarily the existing Telecommunications Act 1997 to establish frameworks for voluntary and mandatory industry assistance to law enforcement and intelligence agencies in relation to encryption technologies, via the issuing of technical assistance requests, technical assistance notices and technical capability notices.

Frankenstein campaign: threat actors put together open-source tools for highly-targeted attacks

Security Affairs

Cisco Talos experts uncovered a new wave of attacks tracked as Frankenstein campaign, attackers used tools built by combining four open-source techniques. Then the data is sent back to the C&C server via an encrypted channel. “A

Attacking encrypted USB keys the hard(ware) way

Elie

Ever wondered if your new shiny AES hardware-encrypted USB device really encrypts your data - or is just a fluke? If you have, come to our talk to find out if those products live up to the hype and hear about the results of the audit we conducted on multiples USB keys and hard drives that claim to securely encrypt data. Armed with this knowledge and our tools, you will be able to evaluate the security of the USB device of your choice

How to Shop Online Like a Security Pro

Krebs on Security

The [link] part of the address merely signifies that the data being transmitted back and forth between your browser and the site is encrypted and can’t be read by third parties. Latest Warnings Security Tools Web Fraud 2.0

How To 283

Patch Tuesday, November 2018 Edition

Krebs on Security

The other is a publicly disclosed bug in Microsoft’s Bitlocker encryption technology ( CVE-2018-8566 ) that could allow an attacker to get access to encrypted data. Security Tools Time to Patch CVE-2018-8566 CVE-2018-8589 Flash Player Microsoft Patch Tuesday November 2018 Qualys

Tools 186

ASUS fixes supply chain of Live Update tool hit in Operation ShadowHammer

Security Affairs

Discovered by Kaspersky in January 2019, Operation ShadowHammer took place between June and November 2018 and leveraged the proprietary tool that comes pre-installed on ASUS notebooks. It also implemented an enhanced end-to-end encryption mechanism and improved security of server-to-end-user communication. The vendor also developed an online security diagnostic tool that allows users to check whether their computers have been impacted.

Tools 70

Victims of Pylocky ransomware can decrypt their files for free

Security Affairs

Victims of the PyLocky Ransomware can use a tool released by security researcher Mike Bautista at Cisco Talos group to decrypt their files for free. PyLocky Ransomware Decryption Tool Released — Unlock Files For Free. SecurityAffairs – PyLocky, decryptor tool).

Google: Security Keys Neutralized Employee Phishing

Krebs on Security

I found this frustrating because as far as I can tell there is no integrated solution in Gmail for PGP/OpenGPG email message encryption, and some readers prefer to share news tips this way.

ICO Stresses Importance of Encryption for Data Security

Hunton Privacy

On August 28, 2013, on the UK Information Commissioner’s Office’s (“ICO’s”) blog, Simon Rice, Technology Group Manager for the ICO, discussed the importance of encryption as a data security measure. He stated that storing any personal information is “inherently risky” but encryption can be a “simple and effective means” to safeguard personal information and reduce the risk of security breaches. Selecting the Correct Encryption Method. Safeguarding the Encryption Key.

Making an effective case for increasing the data security budget

Information Management Resources

Essentially, there is no one resource, tool or methodology that can be implemented which miraculously causes your company to be secure. Data security Encryption Cyber attacks Cyber security Malware Data breaches

Tools 93

Strong, streamlined and secure: How to get the most out of centralized key management

Thales eSecurity

With organizations around the world now deploying ever-increasing amounts of encryption solutions in an effort to ward off cybercrime, businesses are facing a combination of challenges. Protecting data through encryption.

Security Vulnerabilities in US Weapons Systems

Schneier on Security

Using relatively simple tools and techniques, testers were able to take control of systems and largely operate undetected, due in part to basic issues such as poor password management and unencrypted communications.

Newsmaker Interview: Scott Helme on Securing the Web

Threatpost

Scott Helme, the well-known security researcher, international speaker and the founder of the securityheaders.com and report-uri.com free tools for web security, has devoted himself to improving the security environment of the internet for the past decade. Threatpost sat down with Helme to discuss the state of web security, particularly on the encryption front — including certificate […].

Tools 51

Researchers Finds Thousands of iOS Apps Ignoring Security

Dark Reading

A critical data encryption tool, included by default in iOS, is being turned off in more than two-thirds of popular apps

Ransomware Attack Via MSP Locks Customers Out of Systems

Dark Reading

Vulnerable plugin for a remote management tool gave attackers a way to encrypt systems belonging to all customers of a US-based MSP

Bypassing Passcodes in iOS

Schneier on Security

We know that companies like Cellebrite and Grayshift are renting/selling iPhone unlock tools to law enforcement -- which means governments and criminals can do the same thing -- and that Apple is releasing a new feature called "restricted mode" that may make those hacks obsolete.

Tools 72

Gemalto SafeNet: Database Security Product Overview and Analysis

eSecurity Planet

We review Gemalto SafeNet Database, a database security tool that provides transparent encryption of structured, sensitive data residing in databases

Podcast Episode 133: Quantum Computing’s Security Challenge and Life After Passwords

The Security Ledger

Once they’re here, quantum computers will make short work of many of the most commonly used encryption schemes, which protect much of the world’s sensitive data. And, for cryptography experts worried about the security of data protected with powerful encryption algorithms, a decade or two hence is close enough to begin preparing now. . encryption Podcasts quantumThe arrival of functional quantum computers may be closer than you think.

IoT 40

Emsisoft released a free decryptor for the Ims00rry ransomware

Security Affairs

The Ims00rry ransomware used AES-128 algorithm for the encryption process. Unlike most of the ransomware, Ims00rry and doesn’t append an extension to the filenames of the encrypted files. Do not rename or move the encrypted files.

Victims of ZQ Ransomware can decrypt their files for free

Security Affairs

Good news for the victims of the ZQ Ransomware, security experts at Emisisoft have released a free decryptor tool. Good news for the victims of the ZQ Ransomware, security experts at Emisisoft have released a free decryptor tool that allows them to decrypt files for free.

Emsisoft released a free decryptor for JSWorm 4.0

Security Affairs

Security researchers at Emsisoft have released a new decryptor tool that allows the victims of the JSWorm 4.0 ransomware is also written in C++ and uses a modified version of AES-256 to encrypt files. JSWRM to the filenames of encrypted files.