-
Android Q Hardens Security, Adds Better Encryption
Google announced the integration of more features into Android Q designed to further harden the security of critical areas like the kernel, as well as making storage encryption standard and updated biometrics API.
- May 09, 2019
- 03:39 PM
1
-
Google Introduces Adiantum Storage Encryption to Low-End Android Devices
Google unveiled today the new Adiantium storage encryption method for devices without cryptographic acceleration and running Android 9 or later on processors which do not support AES or other crypto instructions.
- February 07, 2019
- 02:13 PM
0
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Company Pretends to Decrypt Ransomware But Just Pays Ransom
Ransomware is a serious threat but also a lucrative business for crooks and scammers posing as IT professionals promising successful decryption services for the right price.
- December 05, 2018
- 12:28 PM
- 5
-
Tech Support Scams Using Multiple Obfuscation Methods to Bypass Detection
You have probably run into a web site that pretends to be Microsoft stating that something is wrong with your computer and telling you to call their phone number for help. While most antivirus software will detect these types of tech support scams, new tactics are being used by their creators to make them more difficult to detect.
- November 28, 2018
- 09:00 AM
- 1
-
Microsoft Releases Info on Protecting BitLocker From DMA Attacks
Soon after research was released that BitLocker drives could be decrypting using SSD hardware encryption flaws, Microsoft released yesterday a support bulletin describing how to protect BitLocker from 1394 & Thunderbolt DMA attacks.
- November 08, 2018
- 08:30 AM
- 3
-
Flaws in Popular SSD Drives Bypass Hardware Disk Encryption
Researchers have found flaws that can be exploited to bypass hardware decryption without a password in well known and popular SSD drives.
- November 05, 2018
- 01:56 PM
- 9
-
Signal Upgrade Process Leaves Unencrypted Messages on Disk
The desktop version for the encrypted communications app Signal does not provide protection for the data it handles during the update procedure, saving it locally as unencrypted plain text.
- October 22, 2018
- 03:45 PM
- 1
-
GPG Mail Update Surprises Mac Users with Paid Plan
Mac users with GPG Mail installed on their systems woke up to a rude surprise when they updated the application last Friday and noticed that it had switched to a paid plan.
- September 25, 2018
- 01:35 AM
- 1
-
Cloudflare Improves Privacy by Encrypting the SNI During TLS Negotiation
Cloudflare announces today support for encrypted Server Name Indication, a mechanism that makes it more difficult to track user's browsing.
- September 24, 2018
- 08:15 AM
- 0
-
New Attack Recovers RSA Encryption Keys from EM Waves Within Seconds
A research paper presented at the Usenix security conference last week detailed a new technique for retrieving encryption keys from electronic devices, a method that is much faster than all previously known techniques.
- August 22, 2018
- 01:25 AM
- 0
-
Cloud Product Accidentally Exposes Users' TLS Certificate Private Keys
A severe issue was addressed on Monday, an issue that under certain conditions could be used to expose the private keys for TLS certificates used by companies running their infrastructure on cloud servers.
- August 21, 2018
- 12:25 PM
- 0
-
VORACLE Attack Can Recover HTTP Data From VPN Connections
A new attack named VORACLE can recover HTTP traffic sent via encrypted VPN connections under certain conditions.
- August 14, 2018
- 07:15 PM
- 0
-
Cisco Patches Its Operating Systems Against New IKE Crypto Attack
Cisco, one of the world's largest vendor of networking equipment, released security updates today to patch a vulnerability in the IOS and IOS XE operating systems that run the vast majority of its devices.
- August 13, 2018
- 05:34 PM
- 0
-
Study: Law Enforcement Need Technical Skills, Not Backdoors
FBI Director Chris Wray is following in predecessor James Comey's footsteps in joining the anti-encryption crusade. Though the FBI has admitted to distorting the number of encrypted devices it can't get into,
- August 06, 2018
- 12:50 PM
- 0
-
DOD to Move All Websites to HTTPS by the End of the Year
The US Department of Defense plans to implement HTTPS and HSTS (HTTP Strict Transport Security) for all its public-facing websites by the end of the year.
- July 30, 2018
- 11:50 AM
- 0
-
Many Bluetooth Implementations and OS Drivers Affected by Crypto Bug
A cryptographic bug affects the Bluetooth implementations and operating system drivers of Apple, Broadcom, Intel, Qualcomm, and possibly other hardware vendors.
- July 24, 2018
- 01:00 AM
- 0
-
macOS Breaks Your OpSec by Caching Data From Encrypted Hard Drives
Apple's macOS surreptitiously creates and caches thumbnails for images and other file types stored on password-protected / encrypted containers (hard drives, partitions), according to Wojciech Reguła and Patrick Wardle, two macOS security experts.
- June 18, 2018
- 08:00 AM
- 1
-
Microsoft Adds Post-Quantum Cryptography to an OpenVPN Fork
Microsoft has recently published an interesting open source project called "PQCrypto-VPN" that implements post-quantum cryptography (PQC) with OpenVPN. This project is being developed by the Microsoft Research Security and Cryptography group as part of their research into post-quantum cryptography.
- June 04, 2018
- 05:03 PM
- 1
-
Researchers Bypass AMD’s SEV Virtual Machine Encryption
Four researchers from the Fraunhofer Institute for Applied and Integrated Safety in Munich, Germany have published a research paper this week detailing a method of recovering data that is normally encrypted by AMD's Secure Encrypted Virtualization (SEV), a safety mechanism designed to encrypt the data of virtual machines running on s
- May 26, 2018
- 03:00 AM
- 4
-
Google's .App Domains With Baked-In HTTPS Are Now Open for General Registration
Starting last week, on May 8, Google has opened the .app top-level domain (TLD) to the general public, allowing anyone to register their desired .app domain name. As its name implies, the domain is intended for app developers, but anyone can register a domain, may it be for an app or not.
- May 14, 2018
- 04:42 PM
- 0
