encryption
New date for migrating off vulnerable SSL and early TLS encryption
Following significant feedback from the global PCI community and security experts, the Payment Card Industry Security Standards Council (PCI SSC) announced a change to the …
Human error reduces security offered by encryption apps
Crypto phones – whether they are hardware devices or mobile apps – are a great way to assure that your VoIP communications remain private, but the security and …
New threats will demand new approaches such as micro-segmentation and quantum encryption
Leading security professionals around the world will adopt a new mindset in 2016, embracing advanced approaches such as micro-segmentation to counter increasingly …
How to eliminate encryption silos
Working in the encryption business, you’ll quickly learn that there are a number of problems that organizations can run into while deploying the technology. The …
Vuvuzela: An untraceable messaging system aimed at thwarting powerful adversaries
A group of scientists from the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) believe they have created an effective and scalable text-messaging system …
End-to-end encrypted database ZeroDB is now open source
ZeroDB, an end-to-end encrypted database whose release was announced earlier this year, is now open source. Developers MacLane Wilkison and Michael Egorov changed the license …
Tips for managing and securing SSH keys
A new NIST report raises awareness of the major vulnerabilities associated with SSH user key management and provides concrete steps for securing and protecting SSH systems and …
Signal secure messaging app now available on the desktop
The Open Whisper Systems nonprofit has released the beta version of their Signal secure messaging app for desktop computers.Signal is often recommended by privacy-minded …
Telegram Android app is a stalker’s dream
Popular instant messaging service Telegram provides optional end-to-end encrypted messaging and, in general, is highly focused on protecting user privacy.Despite these …
VPN protocol flaw allows attackers to discover users’ true IP address
The team running the Perfect Privacy VPN service has discovered a serious vulnerability that affects all VPN providers that offer port forwarding, and which can be exploited …
Another root CA cert with key found on Dell’s machines
The main piece of news on Monday was that Dell’s desktop PCs and laptops shipped since August 2015 contain a root CA certificate (eDellRoot) complete with the private …
Dell shipped computers with root CA cert, private crypto key included
All desktop and laptops shipped by Dell since August 2015 contain a root CA certificate (eDellRoot) complete with the private cryptographic key for it, opening users to the …
Featured news
Resources
Don't miss
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance