Security News
Kingston Digital, the flash memory affiliate of Kingston Technology Company, announced the addition of 128GB capacity options to three of its encrypted USB flash drives. The simple inclusion of encrypted USB flash drives into a daily workflow is a simple step to ensuring data is safe.
By default, macOS does not maintain integrity while hibernating. The problem is that while the key is stored in resident memory, it is unencrypted, allowing an attacker the opportunity to recover the non-obfuscated key using freely available tools to repeal FileVault's protections and gain unauthorized access to the now decrypted data stored on your device.
In a joint operation, European and British law enforcement agencies recently arrested hundreds of alleged drug dealers and other criminals after infiltrating into a global network of an encrypted chatting app that was used to plot drug deals, money laundering, extortions, and even murders. Dubbed EncroChat, the top-secret encrypted communication app comes pre-installed on a customized Android-based handset with GPS, camera, and microphone functionality removed for anonymity and security.
In May, police in France, assisted by the Netherlands' cops, infiltrated EncroChat's core network - and in mid-June the operator pulled the plug, having realised the game was up. The takedown of the network has been a poorly disguised secret, with Northern Irish suspects reportedly being arrested last week after data from EncroChat's servers was shared around European police forces.
Encrypted DNS, as its name suggests, encrypts those queries to shield them from snoops and meddlers. A year later, a research paper presented at a Usenix conference underscored the need for better security when it reported that about 8.5 per cent of DNS queries were intercepted by service providers.
HTTPS inspection is a process by which you can analyze the encrypted web traffic and content, though some organizations shy away from this technique as it can do more harm than good if not implemented properly. In its Internet Security Report for Q1 2020, WatchGuard reported that 67% of all malware last quarter was delivered via HTTPS. Since more websites now use HTTPS for encrypted connections, many WatchGuard customers have enabled HTTPS inspection, which looks for malicious content by decrypting traffic at the gateway.
67% of all malware in Q1 2020 was delivered via encrypted HTTPS connections and 72% of encrypted malware was classified as zero day, so would have evaded signature-based antivirus protection, according to WatchGuard. "Some organizations are reluctant to set up HTTPS inspection due to the extra work involved, but our threat data clearly shows that a majority of malware is delivered through encrypted connections and that letting traffic go uninspected is simply no longer an option," said Corey Nachreiner, CTO at WatchGuard.
Zoom is doing the right thing: it's making end-to-end encryption available to all users, paid and unpaid. We have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform.
IBM this week announced the availability of open source toolkits that allow for data to be processed while it's still encrypted. The toolkits implement fully homomorphic encryption, which enables the processing of encrypted data without providing access to the actual data.
Microsoft is the latest browser vendor to join the encrypted DNS club by supporting DNS over HTTPS in Windows 10. We've explained encrypted DNS before, but briefly, it encrypts DNS queries between your computer and the DNS resolver so those in between can't see which websites or other URLs you're asking for.