Security News

Learn to secure multiple documents by encrypting compressed files on various OSes using a password. When considering how to share data efficiently, cloud storage has a leg up on hardware by making it easy to share files and folders with users across the globe with a few clicks.

Today, in part due to the work Let's Encrypt does, roughly 85% of all websites use HTTPS and over one billion certificates have been issued. What about money? Aas may have wanted to give away certificates for free, but building the Let's Encrypt apparatus was anything but free.

TransArmor Personal Data Protection from Fiserv, which incorporates industry-leading data security technology from Protegrity, helps businesses secure consumers' personal data. For the first time, when used alongside TransArmor Data Protection, Fiserv merchants will be able to tokenize and encrypt all payment card data and personal information throughout the entire customer and transaction lifecycle.

A recent analysis of the Zoom video conferencing application revealed that the keys used to encrypt and decrypt meetings may be sent to servers in China, even if all participants are located in other countries. "A scan shows a total of five servers in China and 68 in the United States that apparently run the same Zoom server software as the Beijing server. We suspect that keys may be distributed through these servers. A company primarily catering to North American clients that sometimes distributes encryption keys through servers in China is potentially concerning, given that Zoom may be legally obligated to disclose these keys to authorities in China," Citizen Lab explained in a report published on Friday.

This week we talk about why Let's Encrypt might have to celebrate its billionth certificate twice, wonder if James Bond could hack Siri with ultrasound, and make backups surprisingly interesting. LISTEN NOW. Click-and-drag on the soundwaves below to skip to any point in the podcast.

Let's Encrypt planned to revoke more than 3 million TLS certificates on Wednesday after it discovered a bug that allowed an important security check performed during TLS issuance to be bypassed. On March 4, we will revoke 2.6% of currently active Let's Encrypt certificates.

Free and open certificate authority Let's Encrypt has decided that it will not revoke one million of the certificates affected by the recent CAA recheck bug. A total of 3,048,289 certificates were supposed to be revoked, but Let's Encrypt ultimately decided to leave 1 million of them unreplaced at this time.

Let's Encrypt has halted its plans to cancel all three million flawed web security certificates - after fearing the super-revocation may effectively break a chunk of the internet for netizens. Earlier this week, the non-profit certificate authority, which issues HTTPS certs for free, announced a plan to disable some three million certificates tainted by a software bug.

Let's Encrypt said it will give users of its Transport Layer Security certificates more time to replace 1 million certificates that are still active and potentially affected by a Certificate Authority Authorization bug before it revokes them. The popular free certificate authority had given users until Wednesday, March 4, 9:00 p.m. EST to replace 3 million certificates because the bug in its Boulder software-discovered and patched this past Sunday-impacted the way its software checked domain ownership before issuing certificates.

The most popular free certificate signing authority Let's Encrypt is going to revoke more than 3 million TLS certificates within the next 24 hours that may have been issued wrongfully due to a bug in its Certificate Authority software. The bug, which Let's Encrypt confirmed on February 29 and was fixed two hours after discovery, impacted the way it checked the domain name ownership before issuing new TLS certificates.