encryption
18-year-old random number generator flaw fixed in Libgcrypt, GnuPG
Researchers have discovered a “critical security problem” that affects all versions of the Libgcrypt cryptographic library and, therefore, all versions of the …
Attackers can hijack unencrypted web traffic of 80% of Android users
The recently revealed security bug (CVE-2016-5696) in the TCP implementation in the Linux kernel that could allow attackers to hijack unencrypted web traffic without an MitM …
Google Duo: Simple, encrypted, video calling app
Google Duo is a simple 1-to-1 video calling app available for Android and iOS. In order to use Google Duo all you need is your phone number, no separate account is necessary. …
CRIME, TIME, BREACH and HEIST: A brief history of compression oracle attacks on HTTPS
The HEIST vulnerability was presented at Black Hat USA 2016 by Mathy Vanhoef and Tom Van Goethem. In this presentation, new techniques were presented that enhanced previously …
There’s a way to use encrypted data without knowing what it holds
Microsoft researchers have devised a way for third parties to make use the vast amount of encrypted data stored in the cloud by companies and individuals, without them …
Breathing new life into SSL VPNs: Making the most of the security benefits
Network security has been in an accelerated arms race for over a decade, with IT managers constantly adding new technologies to secure various network resources in an attempt …
Cerber2 ransomware released, no decryption tool available
The author of the widely distributed Cerber ransomware has released a newer version, and files encrypted with Cerber2, unfortunately, can’t be decrypted without paying …
To stop ransomware, opt for app graylisting and admin rights removal
CyberArk Labs tested over 23,000 ransomware samples from more than 30 prevalent malware families, including Cryptolocker, Petya and Locky, in order to better understand common …
GhostMail stops providing secure comms to individual users
Encrypted email, chat and storage service GhostMail will no longer provide its services to individual users. Instead, it will concentrate on the enterprise market. In an email …
European privacy advisor wants encryption without backdoors
“The confidentiality of online communications by individuals and businesses is essential for the functioning of modern societies and economies. The EU rules designed to …
Low-cost wireless keyboards open to keystroke sniffing and injection attacks
Bastille Networks researcher Marc Newlin has discovered a set of security vulnerabilities in low-cost wireless keyboards that could be exploited to collect all passwords, …
Amazon Silk browser removes Google’s default encryption
Google’s good intentions of keeping searches made via its search engine protected through default encryption have been stymied by Amazon. A bug in the Amazon Silk …
Featured news
Resources
Don't miss
- Is privacy becoming a luxury? A candid look at consumer data use
- Unpatched Windows Server vulnerability allows full domain compromise
- Signal blocks Microsoft Recall from screenshotting conversations
- The hidden gaps in your asset inventory, and how to close them
- CTM360 report: Ransomware exploits trust more than tech