encryption
CRIME, TIME, BREACH and HEIST: A brief history of compression oracle attacks on HTTPS
The HEIST vulnerability was presented at Black Hat USA 2016 by Mathy Vanhoef and Tom Van Goethem. In this presentation, new techniques were presented that enhanced previously …
There’s a way to use encrypted data without knowing what it holds
Microsoft researchers have devised a way for third parties to make use the vast amount of encrypted data stored in the cloud by companies and individuals, without them …
Breathing new life into SSL VPNs: Making the most of the security benefits
Network security has been in an accelerated arms race for over a decade, with IT managers constantly adding new technologies to secure various network resources in an attempt …
Cerber2 ransomware released, no decryption tool available
The author of the widely distributed Cerber ransomware has released a newer version, and files encrypted with Cerber2, unfortunately, can’t be decrypted without paying …
To stop ransomware, opt for app graylisting and admin rights removal
CyberArk Labs tested over 23,000 ransomware samples from more than 30 prevalent malware families, including Cryptolocker, Petya and Locky, in order to better understand common …
GhostMail stops providing secure comms to individual users
Encrypted email, chat and storage service GhostMail will no longer provide its services to individual users. Instead, it will concentrate on the enterprise market. In an email …
European privacy advisor wants encryption without backdoors
“The confidentiality of online communications by individuals and businesses is essential for the functioning of modern societies and economies. The EU rules designed to …
Low-cost wireless keyboards open to keystroke sniffing and injection attacks
Bastille Networks researcher Marc Newlin has discovered a set of security vulnerabilities in low-cost wireless keyboards that could be exploited to collect all passwords, …
Amazon Silk browser removes Google’s default encryption
Google’s good intentions of keeping searches made via its search engine protected through default encryption have been stymied by Amazon. A bug in the Amazon Silk …
Researchers discover 110 snooping Tor nodes
In a period spanning 72 days, two researchers from Northeastern University have discovered at least 110 “misbehaving” and potentially malicious hidden services …
Open source hardware cryptographic module offered for $800
For a few years now, the CrypTech project has been working on designing an open source hardware cryptographic engine that could be used to secure core Internet infrastructure. …
Review: iStorage diskAshur Pro
The iStorage diskAshur Pro is a hard drive for users with security on their mind. This USB 3.0 device comes in various storage capacities, ranging from 500GB to 2TB, and is …
Featured news
Resources
Don't miss
- Radio signals could give attackers a foothold inside air-gapped devices
- Product showcase: RoboForm password manager for iOS
- LLMs are automating the human part of romance scams
- Superagent: Open-source framework for guardrails around agentic AI
- Security chaos engineering matters when nothing is broken