Encryption news, trends, analysis and practical advice

dell xps 13
Dell eDellRoot laptops Superfish

dell xps 13 15

A second dangerous Dell root certificate discovered

After Dell confirmed that one of its support tools installed a dangerous self-signed root certificate and private key on computers, users discovered a similar certificate deployed by a different Dell tool.

victim identity theft computer problem

What you need to know about Dell's root certificate security debacle

In an attempt to provide a more streamlined remote support experience, Dell installed a self-signed root certificate and corresponding private key on its customers' computers, exposing users' encrypted communications to potential...

Dell's XPS 13 with LG TV

Dell installs self-signed root certificate on laptops, endangers users' privacy

Users are reporting that some Dell laptops sold recently come preloaded with a self-signed root digital certificate that lets attackers sniff traffic to any secure website.

French Senate extends state of emergency

Cloud services targeted as French Senate enlarges police search powers

Three more months of extraordinary police powers and the extension of warrantless searches to include cloud storage services accessible from computers in France: Those were among the changes voted unanimously by French senators Friday...


Tech trade group objects to weakening smartphone encryption

The Information Technology Industry Council on Thursday decried efforts to weaken encryption on smartphones, even though some officials in Washington favor doing so.

ISIL ISIS Telegram encryption

ISIL/ISIS/Daesh says no need for encryption -- but Telegram caves to pressure

ISIS use of Telegram is the latest bogeyman in the breathless demonization of encryption. But it turns out the self-styled Islamic State of Iraq and the Levant -- aka Daesh -- used barely-encrypted SMS to communicate in Paris...


U.S. may be financing encryption apps to stay ahead of terrorists

The U.S. government's financial support for the development of smartphone encryption apps doesn't surprise security experts.

150902 encrypt android

Feds fund encryption apps that could cloak terrorists

U.S. government funds have recently been used to support the creation and maintenance of commercially available smartphone encryption apps -- the same kinds of apps thought to be used by terrorists.

smartphone encryption

Paris attacks demand 'wake-up call' on smartphone encryption

Deadly terrorist attacks on Friday in Paris, apparently planned by ISIS, have ignited a new round of concerns over smartphone encryption.

ian haken bheu black hat europe 2015

BitLocker encryption can be defeated with trivial Windows authentication bypass

A researcher disclosed a trivial Windows authentication bypass that puts data on BitLocker-encrypted laptops at risk.

self encrypting hard drives black hat europe 2015

Self-encrypting drives are little better than software-based encryption

Two researchers demonstrated attacks against self-encrypting drives used in enterprise environments at the Black Hat Europe conference in Amsterdam.

Digital Key

First Linux ransomware program cracked, for now

Malware researchers from Bitdefender created a tool to recover files encrypted with a ransomware program called Linux.Encoder.1.

victim identity theft computer problem

File-encrypting ransomware starts targeting Linux Web servers

After targeting consumer and then business computers, ransomware authors are now going after Web servers.

Digital Key

Microsoft follows Mozilla in considering early ban on SHA-1 certificates

Microsoft is considering whether to push up the blocking of the SHA-1 hashing algorithm on Windows to as early as June, taking a cue from a similar decision by the Mozilla Foundation.

Digital Key

All CoinVault and Bitcryptor ransomware victims can now recover their files for free

Researchers from Kaspersky Lab and the Dutch Public Prosecution Service have obtained the last set of encryption keys from command-and-control servers that were used by CoinVault and Bitcryptor, two related ransomware threats.

Digital Key

Google threatens action against Symantec-issued certificates following botched investigation

Google wants Symantec to publicly disclose all the certificates it issues and to undergo a third-party security audit after an incident involving the issuing of unauthorized certificates as part of internal testing.

Fujitsu palm vein

Fujitsu turns to biometrics for data encryption

Fujitsu says it has developed software that uses biometric data directly as the basis for encryption and decryption of data, simplifying and strengthening security systems that rely on biometrics such as fingerprints, retina scans and...

Digital Key

Mozilla mulls early cutoff for SHA-1 digital certificates

Mozilla is considering banning digital certificates signed with the SHA-1 algorithm in July 2016.

Load More