encryption

PCI SSC updates its device security standard for HSMs
The PCI SSC published the latest version of its device security standard for Hardware Security Modules (HSMs). HSMs are secure cryptographic devices that are used for …

EV certificate usage declining: Is the internet becoming more secure?
Driven by the acceleration of digital transformation and cloud migration during the pandemic, the analysis of the world’s top 1 million sites over the last 18 months shows …

Beware of ransomware attacks between Christmas and New Year’s!
Darktrace reported that its security researchers discovered a 30% increase in the average number of attempted ransomware attacks globally over the holiday season in every …

EU key management in 2022
It was reported that the private key used to sign EU Digital Covid certificates (aka “vaccine passports”) was leaked and circulated on messaging apps and online data breach …

Secure transactions top retailers’ wish lists this holiday season
We are amid the busiest retail season of the year, with U.S. retail sales expected to grow 10.5% to a record $859 billion this holiday season compared to 2020. The number of …

Acra: Open-source database protection with field-level encryption and intrusion detection
Cossack Labs updated its flagship open-source product Acra database security suite to version 0.90.0 and made many of its core security features previously available only for …

From fragmented encryption chaos to uniform data protection
Encryption is so critical to enterprise security that it’s almost like air: It’s a necessity, it’s everywhere, and we can’t live without it. On the surface, having encryption …

When it comes to securing systems against quantum computers, there is no one-size-fits-all solution
Quantum computers will rapidly solve complex mathematical problems. This includes the ability to break both RSA and ECC encryption in seconds. In response, NIST has been …

Active Directory control: How adversaries score even bigger goals via attack paths
Microsoft Active Directory and Azure Active Directory are directory services products used for identity and access management at most major enterprises all over the world. All …

40% of organizations suffered a cloud-based data breach in the past 12 months
Despite increasing cyberattacks targeting data in the cloud, 83% of businesses are still failing to encrypt half of the sensitive data they store in the cloud, raising even …

WFH is here to stay: Five tactics to improve security for remote teams
When the pandemic took hold, most companies were forced to turn their employees into a fully operational remote workforce within the span of one week. And while some …

Add a new dimension to ransomware defenses
Ransomware is a particularly heartless endeavor. Criminals have targeted schools, vital infrastructure, and even patient records at a psychiatric treatment facility. The US …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware