Security News

Lettuce Encrypt, Encrypt We Must: Hobby projects change name after Let's Encrypt fires off trademark complaints
2020-06-10 12:52

An open-source project for automating the installation of free Let's Encrypt certificates for websites built with Microsoft's ASP.NET Core framework was forced to change its name after a trademark complaint from the Internet Security Research Group. Nate McMaster worked at Microsoft when Let's Encrypt was launched and started a "Hobby project" to provide a Let's Encrypt API for ASP.NET core applications.

How to encrypt an external drive or card in macOS
2020-06-04 14:59

Depending on your platform, you might have to install third-party software to encrypt externally-attached drives, such as USB drives and memory cards. I want to walk you through the steps of encrypting an SD card using only the included software on a MacBook Pro, running macOS 10.15.5.

Encrypt compressed files the easy way from Windows, macOS, or Linux
2020-05-19 16:04

Learn to secure multiple documents by encrypting compressed files on various OSes using a password. When considering how to share data efficiently, cloud storage has a leg up on hardware by making it easy to share files and folders with users across the globe with a few clicks.

How to encrypt compressed files the easy way from Windows, macOS, or Linux
2020-05-19 16:04

Learn to secure multiple documents by encrypting compressed files on various OSes using a password. When considering how to share data efficiently, cloud storage has a leg up on hardware by making it easy to share files and folders with users across the globe with a few clicks.

One billion certificates later, Let's Encrypt's crazy dream to secure the web is coming true
2020-04-27 21:40

Today, in part due to the work Let's Encrypt does, roughly 85% of all websites use HTTPS and over one billion certificates have been issued. What about money? Aas may have wanted to give away certificates for free, but building the Let's Encrypt apparatus was anything but free.

TransArmor Personal Data Protection from Fiserv tokenizes and encrypts personal data
2020-04-09 01:30

TransArmor Personal Data Protection from Fiserv, which incorporates industry-leading data security technology from Protegrity, helps businesses secure consumers' personal data. For the first time, when used alongside TransArmor Data Protection, Fiserv merchants will be able to tokenize and encrypt all payment card data and personal information throughout the entire customer and transaction lifecycle.

Keys Used to Encrypt Zoom Meetings Sent to China: Researchers
2020-04-03 15:41

A recent analysis of the Zoom video conferencing application revealed that the keys used to encrypt and decrypt meetings may be sent to servers in China, even if all participants are located in other countries. "A scan shows a total of five servers in China and 68 in the United States that apparently run the same Zoom server software as the Beijing server. We suspect that keys may be distributed through these servers. A company primarily catering to North American clients that sometimes distributes encryption keys through servers in China is potentially concerning, given that Zoom may be legally obligated to disclose these keys to authorities in China," Citizen Lab explained in a report published on Friday.

S2 Ep30: Let’s Encrypt, ULTRASOUND attacks, backups for ransom – Naked Security Podcast
2020-03-11 17:51

This week we talk about why Let's Encrypt might have to celebrate its billionth certificate twice, wonder if James Bond could hack Siri with ultrasound, and make backups surprisingly interesting. LISTEN NOW. Click-and-drag on the soundwaves below to skip to any point in the podcast.

Let's Encrypt: We Won't Revoke All Certificates Right Now
2020-03-06 14:18

Let's Encrypt planned to revoke more than 3 million TLS certificates on Wednesday after it discovered a bug that allowed an important security check performed during TLS issuance to be bypassed. On March 4, we will revoke 2.6% of currently active Let's Encrypt certificates.

Let's Encrypt Will Not Replace 1 Million Bug-Affected Certificates
2020-03-06 14:09

Free and open certificate authority Let's Encrypt has decided that it will not revoke one million of the certificates affected by the recent CAA recheck bug. A total of 3,048,289 certificates were supposed to be revoked, but Let's Encrypt ultimately decided to leave 1 million of them unreplaced at this time.