Encryption

Encryption news, analysis, research, how-to, opinion, and video.

turing primary
10 AWS configuration mistakes and how to avoid them

Digital Key, security, encryption

Google to untrust WoSign and StartCom certificates

Following similar decisions by Mozilla and Apple, Google plans to reject new certificates issued by two certificate authorities because they violated industry rules and best practices.

privacy policy unlocked padlock

The limits of encryption

The latest WikiLeaks revelations included a reminder that there are revealing things that just can’t be encrypted.

Common crypto mistakes criminals makes

Stupid encryption mistakes criminals make

Blown cover: Malware authors show how easy it is to get encryption wrong and, in the process, help security pros crack their code

Digital Key, security, encryption

Critical flaws found in open-source encryption software VeraCrypt

A new security audit has found critical vulnerabilities in VeraCrypt, an open-source full disk encryption program that's the direct successor of the widely popular, but now defunct, TrueCrypt.

Digital Key, security, encryption

GlobalSign certificate revocation error leaves websites inaccessible

Many users around the world had trouble accessing some HTTPS websites due to an error at GlobalSign, one of the world's largest certificate authorities.

vulnerable

12 hardware and software vulnerabilities you should address now

Hardware and software that live past their end-of-life dates pose serious risks to organizations. Find out which assets you should update, upgrade or replace ASAP.

Digital Key, security, encryption

Encrypted communications could have an undetectable backdoor

Researchers warn that many 1024-bit keys used to secure communications on the Internet today might be based on prime numbers that have been intentionally backdoored in an undetectable way.

Digital Key, security, encryption

Certificate policy violations force reform at StartCom and WoSign

The top management of StartCom and WoSign will be replaced and the two certificate authorities will undergo audits after browser vendors discovered that they mis-issued a number of digital certificates, violating industry rules.

Digital Key, security, encryption

Cerber ransomware kills database connections to access important data

In order to encrypt some of the most important data stored on computers and servers, the Cerber ransomware now tries to kill processes associated with database servers.

apple campus headquarters

After Mozilla inquiry, Apple untrusts Chinese certificate authority

Following a Mozilla-led investigation that found multiple problems in the SSL certificate issuance process of WoSign, a China-based certificate authority, Apple will make modifications to the iOS and macOS to block future certificates...

Firefox, Mozilla

Firefox blocks websites with vulnerable encryption keys

The popular Firefox browser will block access to HTTPS servers that use weak Diffie-Hellman keys.

Digital Key, security, encryption

Ransomware spreads through weak remote desktop credentials

Stolen or weak remote desktop credentials are routinely used to infect point-of-sale systems with malware, but recently they've also become a common distribution method for crypto-ransomware.

Vinton Cerf Heidelberg Laureate Forum

Vint Cerf's dream do-over: 2 ways he'd make the internet different

Vint Cerf is considered a father of the internet, but that doesn't mean there aren't things he would do differently if given a fresh chance to create it all over again.

managed security service providers

Lockdown! Harden Windows 10 for maximum security

To make the most of Windows 10's security improvements, you must target the right edition and hardware for your needs

Digital Key, security, encryption

TLS 1.3 gets early adoption boost through CloudFlare

Website security and performance vendor CloudFlare has made the newest version of the TLS secure communications protocol available to all of its customers.

Google

Google puts screws to HTTP with new warnings in Chrome

Google today continued its campaign to tighten the screws on unencrypted web traffic.

HTTP Internet website

Google Chrome to start marking HTTP connections as insecure

To push more websites to implement encryption and to better protect users, Google will start flagging plain HTTP connections as insecure in its popular Chrome browser.

quantum computing KryptAll

Why quantum computing has the cybersecurity world white-knuckled

As quantum computers inch closer to reality, experts are sweating over their potential to render many of today's cybersecurity technologies useless.

Load More