encryption
Mobile SSL failures: More common than they should be
Securing your mobile application traffic is apparently more difficult than it should be, as researchers Anthony Trummer and Tushar Dalvi discovered when looking into SSL/TLS …
FBI director insists Silicon Valley can solve the encryption dilemma – if they try hard enough
On Wednesday, the US Senate Judiciary Committee got to hear from FBI director James Comey and DOJ Deputy Attorney General Sally Quillian Yates on how end-to-end encryption …
Severe OpenSSL bug that allows certificate forgery has been plugged
The wait is over: the OpenSSL Project has issued security updates for the popular open-source implementation of the SSL and TLS protocols, and has shared some details about …
Bitglass granted patent on searchable cloud encryption
Bitglass has been granted a patent for its searchable full-strength 256-bit AES encryption for cloud applications. The technology, covered by US Patent 9,047,480, is …
Security experts explain to US, UK governments why mandated encryption backdoors are a bad idea
Today, FBI director James Comey and Sally Quillian Yates, the deputy attorney general at the Justice Department, are scheduled to address the US Senate Judiciary Committee …
Let’s Encrypt CA releases transparency report before its first certificate
The non-profit CA launched by the EFF, Mozilla and several other businesses and organizations is determined to gain and retain users’ trust. After hiring outside experts …
Amazon releases new, easily auditable TLS implementation
A new, open source implementation of the TLS encryption protocol has been unveiled by Amazon Web Services.Dubbed s2n (shorthand for “signal to noise”), the library …
Multi-link network encryptor with 100 Gbps encrypted bandwidth
Gemalto released its new SafeNet Multi-Link High Speed Encryptor (HSE) solution that provides the equivalent of 10 by 10 Gbps high-speed encryptors in one unit. With a total …
NIST revises security publication on random number generation
In response to public concerns about cryptographic security, the National Institute of Standards and Technology (NIST) has formally revised its recommended methods for …
Researcher tests Tor exit nodes, finds not all operators can be trusted
While the Tor anonymity network conceals (relatively successfully) a user’s location and Internet activity from anyone who might want to know about it, users should be …
Cisco finds, removes more default SSH keys on its software
Cisco has pushed out security updates to address two vulnerabilities in its Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Content …
Many popular Android apps fail to encrypt login credentials
Using encryption to protect mobile traffic and especially the exchange of credentials between the user and company servers should be a must in this day and age. Unfortunately, …
Featured news
Resources
Don't miss
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance