Encryption
Encryption | News, how-tos, features, reviews, and videos
Google open-sources test suite for devs to find crypto bugs
Developers can use Project Wycheproof to test cryptographic algorithms against a library of known attacks to uncover potential weaknesses
Apple's macOS file encryption can be bypassed without latest fixes
Without the macOS update released this week, Apple's disk encryption can be easily bypassed by connecting a specially crafted device to a locked Macbook.
Ransomware-fighting coalition adds members and decryption tools
The No More Ransom project, a coalition of law enforcement and security companies, has expanded with 30 new members and added 32 new decryption tools for various ransomware variants.
5 topics Trump needs to address in Silicon Valley leaders meeting
As some of the tech sector’s heaviest hitters prep for a meeting this week with president-elect Donald Trump, they need to make sure they get answers to critical questions about issues that could affect not only their businesses but...
Facebook helps companies detect rogue SSL certificates for domains
Facebook has launched a tool that allows domain name owners to discover TLS/SSL certificates issued without their knowledge.
Trump, tech executives may try to untangle relationship
U.S. president-elect Donald Trump is meeting this week in New York with top tech executives, including Oracle CEO Safra Catz, Apple CEO Tim Cook, Microsoft CEO Satya Nadella, Alphabet CEO Larry Page and Facebook COO Sheryl Sandberg,...
Ransomware attacks against businesses jumped 3X in 2016
The number of ransomware attacks targeting companies increased threefold from January to September, affecting one in every five businesses worldwide.
OpenVPN will be audited for security flaws
The next major version of OpenVPN, one of the most widely used virtual private networking technologies, will be audited by a well known cryptography expert.
App developers not ready for stricter iOS security requirements
A month before Apple is expected to enforce stricter security requirements for app communications in iOS, enterprise developers don't seem ready to embrace them, a new study shows.
The cloud storage security gap -- and how to close it
Cloud storage vendors don't provide a comfortable balance for some IT admins, but third-party options get you part way there
Chrome bug triggered website errors with Symantec SSL certificates
A bug in the Chrome browser caused security errors to be shown to users when trying to access HTTPS-enabled websites using Symantec SSL certificates.
With choice for CIA chief, Trump picks a foe of Silicon Valley's encryption stance
In his nomination of U.S. Rep. Mike Pompeo to head the CIA, President-elect Donald Trump has picked a supporter of NSA surveillance programs and a critic of Silicon Valley's stance on encryption.
Without tech industry guidance, U.S. may resort to weakening encryption
Apple may have refused to help the FBI unlock the iPhone used by the San Bernardino shooter, but the tech industry is still better off working with the U.S. government on encryption issues than ducking away, according to a former...
Google to untrust WoSign and StartCom certificates
Following similar decisions by Mozilla and Apple, Google plans to reject new certificates issued by two certificate authorities because they violated industry rules and best practices.
Critical flaws found in open-source encryption software VeraCrypt
A new security audit has found critical vulnerabilities in VeraCrypt, an open-source full disk encryption program that's the direct successor of the widely popular, but now defunct, TrueCrypt.
GlobalSign certificate revocation error leaves some sites inaccessible
Many users around the world had trouble accessing some HTTPS websites due to an error at GlobalSign, one of the world's largest certificate authorities.
12 hardware and software vulnerabilities you should address now
Hardware and software that live past their end-of-life dates pose serious risks to organizations. Find out which assets you should update, upgrade or replace ASAP.
Encrypted communications could have an undetectable backdoor
Researchers warn that many 1024-bit keys used to secure communications on the Internet today might be based on prime numbers that have been intentionally backdoored in an undetectable way.
StrongPity APT attack group booby-trapped WinRAR and TrueCrypt downloads
An APT attack group focused on encrypted data and communications, using watering hole attacks to taint WinRAR and TrueCrypt downloads.
Cerber ransomware kills processes needed to access data
In order to encrypt some of the most important data stored on computers and servers, the Cerber ransomware now tries to kill processes associated with database servers.