Security News

Encrypted DNS, as its name suggests, encrypts those queries to shield them from snoops and meddlers. A year later, a research paper presented at a Usenix conference underscored the need for better security when it reported that about 8.5 per cent of DNS queries were intercepted by service providers.

HTTPS inspection is a process by which you can analyze the encrypted web traffic and content, though some organizations shy away from this technique as it can do more harm than good if not implemented properly. In its Internet Security Report for Q1 2020, WatchGuard reported that 67% of all malware last quarter was delivered via HTTPS. Since more websites now use HTTPS for encrypted connections, many WatchGuard customers have enabled HTTPS inspection, which looks for malicious content by decrypting traffic at the gateway.

67% of all malware in Q1 2020 was delivered via encrypted HTTPS connections and 72% of encrypted malware was classified as zero day, so would have evaded signature-based antivirus protection, according to WatchGuard. "Some organizations are reluctant to set up HTTPS inspection due to the extra work involved, but our threat data clearly shows that a majority of malware is delivered through encrypted connections and that letting traffic go uninspected is simply no longer an option," said Corey Nachreiner, CTO at WatchGuard.

Zoom is doing the right thing: it's making end-to-end encryption available to all users, paid and unpaid. We have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform.

IBM this week announced the availability of open source toolkits that allow for data to be processed while it's still encrypted. The toolkits implement fully homomorphic encryption, which enables the processing of encrypted data without providing access to the actual data.

Microsoft is the latest browser vendor to join the encrypted DNS club by supporting DNS over HTTPS in Windows 10. We've explained encrypted DNS before, but briefly, it encrypts DNS queries between your computer and the DNS resolver so those in between can't see which websites or other URLs you're asking for.

The DHS's Cybersecurity & Infrastructure Security Agency published a memorandum on April 21 warning agency CIOs that they're legally bound to use its internal EINSTEIN network security system when resolving DNS queries. The first is DNS over TLS. This uses Transport Layer Security - the successor to SSL - to encrypt the queries directly and verify the server's identity using digital certificates.

A newly disclosed vulnerability in older Xilinx FPGAs can be exploited to simplify the process of extracting and decrypting the encrypted bitstreams used to configure the chips. There's a solution: you can encrypt your bitstream with AES-CBC and an encryption key, and burn that secret key into the FPGAs you bought as they are placed into your product at your factory.

MobileIron, the company that introduced the industry's first mobile-centric, zero trust enterprise security platform, announced a new partnership with Adeya, the secure collaboration leader, to empower today's global workforce with private, end-to-end encrypted real-time voice and video calls, conference calls, SMS, instant messages, group chats and file exchanges on any device. Leveraging the combined solution, customers can now rapidly manage and deploy Adeya's end-to-end encrypted communication, collaboration and file-sharing solution through MobileIron's unified endpoint management platform.

Enveil, the pioneering data security company protecting Data in Use, announced the release of its encrypted machine learning product, ZeroReveal Machine Learning, the first adaptable, market-ready solution allowing organizations to process data against an encrypted machine learning model. Building on the success of its ZeroReveal Search solution, Enveil ZeroReveal ML fundamentally changes the paradigm of secure data usage by allowing organizations to enable advanced decisioning through collaborative and federated machine learning in a secure and private capacity.