encryption
DNSSEC: Don’t throw the baby out with the bath water
A recent report raiseed concerns about the abuse of DNSSEC to conduct DDoS attacks. The article reported that DNSSEC-signed domains can be used to conduct reflected DDoS …
Review: iStorage datAshur Pro
Whenever I travel, I take data I might need with me on a secure USB flash drive. Ages ago, I would encrypt these files with GPG and move them to a generic USB drive. After …
Display the cryptographic signing information about any file on your Mac
Verifying a file’s cryptographic signature can help the user deduce its trustability. If you’re using OS X, there is no simple way to view a file’s signature from …
18-year-old random number generator flaw fixed in Libgcrypt, GnuPG
Researchers have discovered a “critical security problem” that affects all versions of the Libgcrypt cryptographic library and, therefore, all versions of the …
Attackers can hijack unencrypted web traffic of 80% of Android users
The recently revealed security bug (CVE-2016-5696) in the TCP implementation in the Linux kernel that could allow attackers to hijack unencrypted web traffic without an MitM …
Google Duo: Simple, encrypted, video calling app
Google Duo is a simple 1-to-1 video calling app available for Android and iOS. In order to use Google Duo all you need is your phone number, no separate account is necessary. …
CRIME, TIME, BREACH and HEIST: A brief history of compression oracle attacks on HTTPS
The HEIST vulnerability was presented at Black Hat USA 2016 by Mathy Vanhoef and Tom Van Goethem. In this presentation, new techniques were presented that enhanced previously …
There’s a way to use encrypted data without knowing what it holds
Microsoft researchers have devised a way for third parties to make use the vast amount of encrypted data stored in the cloud by companies and individuals, without them …
Breathing new life into SSL VPNs: Making the most of the security benefits
Network security has been in an accelerated arms race for over a decade, with IT managers constantly adding new technologies to secure various network resources in an attempt …
Cerber2 ransomware released, no decryption tool available
The author of the widely distributed Cerber ransomware has released a newer version, and files encrypted with Cerber2, unfortunately, can’t be decrypted without paying …
To stop ransomware, opt for app graylisting and admin rights removal
CyberArk Labs tested over 23,000 ransomware samples from more than 30 prevalent malware families, including Cryptolocker, Petya and Locky, in order to better understand common …
GhostMail stops providing secure comms to individual users
Encrypted email, chat and storage service GhostMail will no longer provide its services to individual users. Instead, it will concentrate on the enterprise market. In an email …
Featured news
Resources
Don't miss
- Apple offers $2 million for zero-click exploit chains
- Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)
- October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
- From theory to training: Lessons in making NICE usable
- Securing agentic AI with intent-based permissions