Security News

Facebook Introduces New Features for End-to-End Encrypted Messenger App
2023-01-24 05:44

Meta Platforms on Monday announced that it has started to expand global testing of end-to-end encryption in Messenger chats by default. The social media behemoth said it intends to notify users in select individual chat threads as the security feature is enabled, while emphasizing that the process of choosing and upgrading the conversations to support E2EE is random.

LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen
2022-12-23 04:07

The August 2022 security breach of LastPass may have been more severe than previously disclosed by the company. The popular password management service on Thursday revealed that malicious actors obtained a trove of personal information belonging to its customers that include their encrypted password vaults using data siphoned from the break-in.

85% of attacks now use encrypted channels
2022-12-19 04:30

Encrypted attacks remain a significant problem for countries around the globe, with the U.S., India and Japan seeing the biggest increases in attacks over the last 12 months. "Potential threats continue to hide in encrypted traffic, empowered by as-a-service models that dramatically reduce the technical barriers to doing so. It is critical for organizations to adopt a cloud-native zero trust architecture that allows consistent inspection of all internet bound traffic and effectively mitigate these attacks," Desai continued.

Twitter source code indicates end-to-end encrypted DMs are coming
2022-11-16 16:55

Twitter is reportedly working on finally adding end-to-end encryption for direct messages exchanged between users on the social media platform. Twitter had attempted to prototype an E2EE system back in 2018, naming it "Secret Conversation," but it never materialized as a finished product and was later abandoned.

Constellation: Open-source, runtime-encrypted Kubernetes
2022-10-12 04:30

Confidential Computing is a hardware-based technology that shields computer workloads from their environments and keeps data encrypted during processing. In this Help Net Security video, Felix Schuster, CEO at Edgeless Systems, talks about the open-source release of Constellation.

An encrypted ZIP file can have two correct passwords — here's why
2022-08-21 16:27

Did you know it is possible for an encrypted ZIP file to have two correct passwords, with both producing the same outcome when the ZIP is extracted? While the ZIP was encrypted with the longer password, using either password extracted the archive successfully.

Facebook Testing Default End-to-End Encryption and Encrypted Backups in Messenger
2022-08-13 05:23

Social media company Meta said it will begin testing end-to-end encryption on its Messenger platform this week for select users as the default option, as the company continues to slowly add security layers to its various chat services. "If you're in the test group, some of your most frequent chats may be automatically end-to-end encrypted, which means you won't have to opt in to the feature," Sara Su, product management director of Messenger Trust, said.

How Conti ransomware hacked and encrypted the Costa Rican government
2022-07-21 14:20

Details have emerged on how the Conti ransomware gang breached the Costa Rican government, showing the attack's precision and the speed of moving from initial access to the final stage of encrypting devices. The Conti ransomware operation launched in 2020 to replace Ryuk and quickly grew to infamy after attacking victims in both the private and the public sector, including local governments in the U.S., schools, and national healthcare systems.

Tech world may face huge fines if it doesn't scrub CSAM from encrypted chats
2022-07-07 06:27

Tech companies could be fined $25 million - or ten percent of their global annual revenue - if they don't build suitable mechanisms to scan for child sex abuse material in end-to-end encrypted messages and an amended UK law is passed. The proposed update to the Online Safety bill [PDF], currently working its way through Parliament, states that British and foreign providers of a "Regulated user-to-user service" must report child sexual exploitation and abuse content to the country's National Crime Agency.

Speek! is a new encrypted chat service that uses Tor to offer secure communication
2022-05-31 14:35

Speek! is a new encrypted chat service that uses Tor to offer secure communication. Speek! isn't quite like the chat apps and services you are used to.