Ransomware is a serious threat but also a lucrative business for crooks and scammers posing as IT professionals promising successful decryption services for the right price.
You have probably run into a web site that pretends to be Microsoft stating that something is wrong with your computer and telling you to call their phone number for help. While most antivirus software will detect these types of tech support scams, new tactics are being used by their creators to make them more difficult to detect.
Soon after research was released that BitLocker drives could be decrypting using SSD hardware encryption flaws, Microsoft released yesterday a support bulletin describing how to protect BitLocker from 1394 & Thunderbolt DMA attacks.
Researchers have found flaws that can be exploited to bypass hardware decryption without a password in well known and popular SSD drives.
The desktop version for the encrypted communications app Signal does not provide protection for the data it handles during the update procedure, saving it locally as unencrypted plain text.
Mac users with GPG Mail installed on their systems woke up to a rude surprise when they updated the application last Friday and noticed that it had switched to a paid plan.
Cloudflare announces today support for encrypted Server Name Indication, a mechanism that makes it more difficult to track user's browsing.
A research paper presented at the Usenix security conference last week detailed a new technique for retrieving encryption keys from electronic devices, a method that is much faster than all previously known techniques.
A severe issue was addressed on Monday, an issue that under certain conditions could be used to expose the private keys for TLS certificates used by companies running their infrastructure on cloud servers.
A new attack named VORACLE can recover HTTP traffic sent via encrypted VPN connections under certain conditions.
Cisco, one of the world's largest vendor of networking equipment, released security updates today to patch a vulnerability in the IOS and IOS XE operating systems that run the vast majority of its devices.
FBI Director Chris Wray is following in predecessor James Comey's footsteps in joining the anti-encryption crusade. Though the FBI has admitted to distorting the number of encrypted devices it can't get into,
The US Department of Defense plans to implement HTTPS and HSTS (HTTP Strict Transport Security) for all its public-facing websites by the end of the year.
A cryptographic bug affects the Bluetooth implementations and operating system drivers of Apple, Broadcom, Intel, Qualcomm, and possibly other hardware vendors.
Apple's macOS surreptitiously creates and caches thumbnails for images and other file types stored on password-protected / encrypted containers (hard drives, partitions), according to Wojciech Reguła and Patrick Wardle, two macOS security experts.
Microsoft has recently published an interesting open source project called "PQCrypto-VPN" that implements post-quantum cryptography (PQC) with OpenVPN. This project is being developed by the Microsoft Research Security and Cryptography group as part of their research into post-quantum cryptography.
Four researchers from the Fraunhofer Institute for Applied and Integrated Safety in Munich, Germany have published a research paper this week detailing a method of recovering data that is normally encrypted by AMD's Secure Encrypted Virtualization (SEV), a safety mechanism designed to encrypt the data of virtual machines running on s
Starting last week, on May 8, Google has opened the .app top-level domain (TLD) to the general public, allowing anyone to register their desired .app domain name. As its name implies, the domain is intended for app developers, but anyone can register a domain, may it be for an app or not.
A team of nine academics is warning the world about a critical vulnerability in the OpenPGP and S/MIME email encryption tools. The flaw, if exploited, allow an attacker to decrypt sent or received messages, according to the researcher team.
The Tor Project announced today plans to discontinue Tor Messenger, the organization's security-hardened instant messaging application.