Some extremely lucky users will be able to recover files locked by the Bad Rabbit ransomware because of small operational mistakes on the part of the malware's authors.
After last week we had the KRACK and ROCA cryptographic attacks, this week has gotten off to a similarly "great" start with the publication of a new crypto attack known as DUHK (Don't Use Hard-coded Keys)
Google has added support in Android for an experimental feature that will encrypt DNS requests and prevent network-level attackers from snooping on user traffic.
Russia has fined Telegram 800,000 Russian ruble — approximately $14,000 — for failing to comply with a government order that required the company to provide access to encrypted conversations to Russian intelligence agency FSB.
Infineon TPM chipsets that come with many modern-day motherboards generate insecure RSA encryption keys that put devices at risk of attack.
Users who utilized Microsoft Outlook to send out secure emails encrypted via the S/MIME standard might have had the content of those emails leaked by an Outlook bug.
Officials reminded everyone this week that governments in the US and UK have not given up on their efforts to force tech companies to provide encryption backdoors, despite previous attempts being shut down following public outcry.
Earlier today, Apple has issued an emergency update for macOS High Sierra to address a bug that exposed the passwords of encrypted APFS volumes via the password hint feature.
Francis Rawls, a former Philadelphia cop, will remain in jail for refusing to decrypt a hard drive federal investigators found in his home two years ago during a child abuse investigation.
A hacker who goes online only by the pseudonym of Xerub has released the decryption key for Apple's Secure Enclave Processor (SEP) firmware.
Two Chinese scientists have come up with a method of decrypting satellite phone communications, which works almost instantly and provides a third-party access to secure conversations in real-time.
A team of eight researchers from various universities has found a bug in the Libcrypto library that allows an attacker with local access to extract the RSA-1024 private key that was used to encrypt local data.
The European Commission, through the voice of EU Justice Commissioner Vera Jourova, announced plans to find a way for law enforcement to access data exchanged via encrypted instant messaging services, such as WhatsApp, Telegram, Signal, and others.
In an advisory sent to enterprises across the US, the Department of Homeland Security's US-CERT group is warning that security products which perform HTTPS interception might weaken a company's overall security.
A large chunk of the 120,000 Chromebooks deployed at Maryland's Montgomery County schools went down last week after computers using Symantec BlueCoat security software weren't able to handle TLS 1.3 connections that Google started supporting with the release of Chrome and Chrome OS 56.
Late Friday, last week, Google announced a new tool for security-minded users, called E2EMail, a Chrome extension that simplifies the installation of PGP encryption for Gmail.
The PHP team has unanimously voted to integrate the Libsodium library in the PHP core, and by doing so, becoming the first programming language to support a modern cryptography library by default.
A data encryption app for Linux users named Cryptkeeper has a bug that allows anyone to decrypt locked content using the password "p".
Google announced yesterday plans to become a self-standing, certified, and independent Root Certificate Authority, meaning the company would be able to issue its own TLS/SSL certificates for securing its web traffic via HTTPS, and not rely on intermediaries, as it does now.
Security researcher Tobias Boelter has discovered a bug in the encrypted communications system used by WhatsApp that allows a determined third-party actor, possibly Facebook, to intercept encrypted messages.