Encryption

Encryption news, trends, analysis and practical advice

Apple iPhone 5S (1)
SSL padlock icon security

161118 pompeo 1

With choice for CIA chief, Trump picks a foe of Silicon Valley's encryption stance

In his nomination of U.S. Rep. Mike Pompeo to head the CIA, President-elect Donald Trump has picked a supporter of NSA surveillance programs and a critic of Silicon Valley's stance on encryption.

Digital Key, security, encryption

Without tech industry guidance, U.S. may resort to weakening encryption

Apple may have refused to help the FBI unlock the iPhone used by the San Bernardino shooter, but the tech industry is still better off working with the U.S. government on encryption issues than ducking away, according to a former...

Digital Key, security, encryption

Google to untrust WoSign and StartCom certificates

Following similar decisions by Mozilla and Apple, Google plans to reject new certificates issued by two certificate authorities because they violated industry rules and best practices.

Digital Key, security, encryption

Critical flaws found in open-source encryption software VeraCrypt

A new security audit has found critical vulnerabilities in VeraCrypt, an open-source full disk encryption program that's the direct successor of the widely popular, but now defunct, TrueCrypt.

Digital Key, security, encryption

GlobalSign certificate revocation error leaves some sites inaccessible

Many users around the world had trouble accessing some HTTPS websites due to an error at GlobalSign, one of the world's largest certificate authorities.

vulnerable

12 hardware and software vulnerabilities you should address now

Hardware and software that live past their end-of-life dates pose serious risks to organizations. Find out which assets you should update, upgrade or replace ASAP.

Digital Key, security, encryption

Encrypted communications could have an undetectable backdoor

Researchers warn that many 1024-bit keys used to secure communications on the Internet today might be based on prime numbers that have been intentionally backdoored in an undetectable way.

hacker, DDOS, IoT, SkilledAnalysts

StrongPity APT attack group booby-trapped WinRAR and TrueCrypt downloads

An APT attack group focused on encrypted data and communications, using watering hole attacks to taint WinRAR and TrueCrypt downloads.

Digital Key, security, encryption

Cerber ransomware kills processes needed to access data

In order to encrypt some of the most important data stored on computers and servers, the Cerber ransomware now tries to kill processes associated with database servers.

onetouch ping

New insulin pump flaws highlight security risks from medical devices

Medical device manufacturer Animas warns diabetic patients who use its OneTouch Ping insulin pumps about security issues that could allow hackers to take over the devices and deliver unauthorized doses of insulin.

apple campus headquarters

Apple to no longer 'trust' Chinese certificate authority

Following a Mozilla-led investigation that found multiple problems in the SSL certificate issuance process of WoSign, a China-based certificate authority, Apple will make modifications to the iOS and macOS to block future certificates...

Firefox, Mozilla

Firefox blocks websites with vulnerable encryption keys

The popular Firefox browser will block access to HTTPS servers that use weak Diffie-Hellman keys.

Digital Key, security, encryption

Ransomware spreads through weak remote desktop credentials

Stolen or weak remote desktop credentials are routinely used to infect point-of-sale systems with malware, but recently they've also become a common distribution method for crypto-ransomware.

Vinton Cerf Heidelberg Laureate Forum

Vint Cerf's dream do-over: 2 ways he'd make the internet different

Vint Cerf is considered a father of the internet, but that doesn't mean there aren't things he would do differently if given a fresh chance to create it all over again.

Digital Key, security, encryption

TLS 1.3 gets early adoption boost through CloudFlare

Website security and performance vendor CloudFlare has made the newest version of the TLS secure communications protocol available to all of its customers.

quantum computing KryptAll

Quantum computing has the cybersecurity world white-knuckled

As quantum computers inch closer to reality, experts are sweating over their potential to render many of today's cybersecurity technologies useless.

20160225 stock mwc ericsson booth security locks

FairWare ransomware infects servers through exposed Redis instances

Days after reports that a new ransomware attack was deleting files from web servers, security researchers determined that some of the affected servers were hacked via insecure deployments of the Redis database.

security code big data cyberespionage DDoS

Attackers use rogue proxies to hijack HTTPS traffic

A new attack analyzed by malware researchers from Microsoft uses Word documents with malicious code that configures browsers to use a web proxy controlled by attackers.

Load More