Security News

The vendor's research team Surge today published research on how long it takes 10 of the big ransomware families including Lockbit, Conti, and REvil to encrypt 100,000 files. While the criminal gangs' speeds varied, Surge found the median ransomware variant can encrypt nearly 100,000 files totaling 53.93GB in 42 minutes and 52 seconds.

Let's Encrypt, a non-profit organization that helps people obtain free SSL/TLS certificates for websites, plans to revoke a non-trivial number of its certs on Friday because they were improperly issued. In a post to the Let's Encrypt discussion community forum, site reliability engineer Jillian Tessa explained that on Tuesday, a third party reported "Two irregularities" in the code implementing the "TLS Using ALPN" validation method in Boulder, its Automatic Certificate Management Environment software.

Let's Encrypt will begin revoking certain SSL/TLS certificates issued within the last 90 days starting January 28, 2022. As a non-profit certificate authority run by Internet Security Research Group, Let's Encrypt provides X.509 certificates for Transport Layer Security encryption at no cost.

When only the utmost privacy will do for the messages you exchange by e-mail, you need a service that protects them entirely, but many additional privacy and security features are a big help. If you cherish your privacy and security and are looking for an alternative to something like ProtonMail, then the CTemplar End-to-End Encrypted Email Prime Plan: Lifetime Subscription should be exactly what you need.

The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. The ransomware's Linux version also fails to trigger the encryption if executed without root privileges because it attempts to drop the ransom note on compromised devices' root file systems.

Sophos has released details of a new ransomware written in Python that attackers used to compromise and encrypt virtual machines hosted on an ESXi hypervisor."This is one of the fastest ransomware attacks Sophos has ever investigated and it appeared to precision-target the ESXi platform," said Andrew Brandt, principal researcher at Sophos.

Anyone that needs to hide away sections of text in Google Documents should give this handy add-on a try. When whole documents are sensitive, I tend to not write them in Google Docs, but rather a locally installed tool that makes it possible to encrypt a document.

Operators of an unknown ransomware gang are using a Python script to encrypt virtual machines hosted on VMware ESXi servers. While the Python programming language is not commonly used in ransomware development, it is a logical choice for ESXi systems, seeing that such Linux-based servers come with Python installed by default.

" Guess what? iOS 12 wasn't dead, it was just resting. Researchers rediscover an Outlook data leakage issue.

HTTPS, short for secure HTTP, relies on the encryption protocol known as TLS, which is short for transport layer security. Many high-traffic sites were afraid of HTTPS because of the extra time taken by the "Cryptographic dance" demanded by the protocol every time a visitor arrived at the site, and because of the need to encrypt and decrypt every byte sent and received thereafter.