Mac users with GPG Mail installed on their systems woke up to a rude surprise when they updated the application last Friday and noticed that it had switched to a paid plan.
Cloudflare announces today support for encrypted Server Name Indication, a mechanism that makes it more difficult to track user's browsing.
A research paper presented at the Usenix security conference last week detailed a new technique for retrieving encryption keys from electronic devices, a method that is much faster than all previously known techniques.
A severe issue was addressed on Monday, an issue that under certain conditions could be used to expose the private keys for TLS certificates used by companies running their infrastructure on cloud servers.
A new attack named VORACLE can recover HTTP traffic sent via encrypted VPN connections under certain conditions.
Cisco, one of the world's largest vendor of networking equipment, released security updates today to patch a vulnerability in the IOS and IOS XE operating systems that run the vast majority of its devices.
FBI Director Chris Wray is following in predecessor James Comey's footsteps in joining the anti-encryption crusade. Though the FBI has admitted to distorting the number of encrypted devices it can't get into,
The US Department of Defense plans to implement HTTPS and HSTS (HTTP Strict Transport Security) for all its public-facing websites by the end of the year.
A cryptographic bug affects the Bluetooth implementations and operating system drivers of Apple, Broadcom, Intel, Qualcomm, and possibly other hardware vendors.
Apple's macOS surreptitiously creates and caches thumbnails for images and other file types stored on password-protected / encrypted containers (hard drives, partitions), according to Wojciech Reguła and Patrick Wardle, two macOS security experts.
Microsoft has recently published an interesting open source project called "PQCrypto-VPN" that implements post-quantum cryptography (PQC) with OpenVPN. This project is being developed by the Microsoft Research Security and Cryptography group as part of their research into post-quantum cryptography.
Four researchers from the Fraunhofer Institute for Applied and Integrated Safety in Munich, Germany have published a research paper this week detailing a method of recovering data that is normally encrypted by AMD's Secure Encrypted Virtualization (SEV), a safety mechanism designed to encrypt the data of virtual machines running on s
Starting last week, on May 8, Google has opened the .app top-level domain (TLD) to the general public, allowing anyone to register their desired .app domain name. As its name implies, the domain is intended for app developers, but anyone can register a domain, may it be for an app or not.
A team of nine academics is warning the world about a critical vulnerability in the OpenPGP and S/MIME email encryption tools. The flaw, if exploited, allow an attacker to decrypt sent or received messages, according to the researcher team.
The Tor Project announced today plans to discontinue Tor Messenger, the organization's security-hardened instant messaging application.
Mozilla Foundation engineers announced plans over the weekend to test the "DNS over HTTPS" (DoH) fledgling security standard in Firefox Nightly distributions.
For at past nine years, Mozilla has been using an insufficiently strong encryption mechanism for the "master password" feature.
Three security researchers have discovered a variation to an old cryptographic attack that can be exploited to obtain the private encryption key necessary to decrypt sensitive HTTPS traffic under certain conditions.
German authorities are preparing a law that will force device manufacturers to include backdoors within their products that law enforcement agencies could use at their discretion for legal investigations. The law would target all modern devices, such as cars, phones, computers, IoT products, and more.
Keybase is notifying Android users of a bug in its mobile app that might have unintentionally included the users' private key —used to encrypt conversations and other private data— into the automatic backups created by the Android OS and uploaded on Google's servers.