Security News

In this Help Net Security video, Ryan Amparo, Field Application Engineer at Kingston Technology, discusses the benefits of encrypted external SSDs and USBs for hybrid workforces. He talks about the differences between software and hardware encryption, why it's important, and why usage and cost matter.

The story has been updated to clarify that the Hessen Consumer Center is not part of the government. The Hessen Consumer Center in Germany has been hit with a ransomware attack, causing IT systems to shut down and temporarily disrupting its availability.

The German state of Hessen has been hit with a ransomware attack, causing the government to shut down IT systems and disrupting the availability of its consumer advice center. Hessen is a state in central Germany with over six million people that encompasses Frankfurt, the country's second-largest metropolitan area and a major financial center.

The DuckDuckGo browser has unveiled a new end-to-end encrypted Sync & Backup feature that lets users privately and securely synchronize their bookmarks, passwords, and Email Protection settings across multiple devices. The new feature is available on the latest version of the DuckDuckGo browser for Windows, macOS, iOS, and Android, so syncing can only work between devices running these operating systems.

A publicly exposed API of social media platform Spoutible may have allowed threat actors to scrape information that can be used to hijack user accounts. The problem with the Spoutible API. Security consultant Troy Hunt has been tipped off about the API by an individual who shared a file with 207,000 Spoutible user records - supposedly scraped via the API - and an URL that would allow Hunt to do the same with his own account.

CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption. The online version has a file size limit of 10MB, so if you're looking to decrypt larger files or virtual machines, the GitHub version is the only way to go.

Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat actors behind the malware are actively enhancing its...

Malware, which includes malicious web content and malware payloads, continued to dominate over other types of encrypted attacks, with ad spyware sites and cross-site scripting accounting for 78% of all blocked attacks. In total, 86% of all cyber threats, including malware, ransomware, and phishing attacks, are delivered over encrypted channels.

A group of academics has disclosed a new "software fault attack" on AMD's Secure Encrypted Virtualization (SEV) technology that could be potentially exploited by threat actors to infiltrate...

One of the requirements of eIDAS 2.0 is that browser makers trust government-approved Certificate Authorities and do not implement security controls beyond those specified by the European Telecommunications Standards Institute. When a browser visits that site, the website presents a public portion of its CA-issued certificate to the browser, and the browser checks the cert was indeed issued by one of the CAs it trusts, using the root certificate, and is correct for that site.