Security News

Check Point Full Disk Encryption Software Blade offers automatic security for all data on endpoint hard drives. Check Point Full Disk Encryption Software Blade has more data security offerings to complement Full Disk Encryption.

Trend Micro Endpoint Encryption and Broadcom Symantec Endpoint Encryption are two of the leading options. Both Trend Micro Endpoint Encryption and Broadcom Symantec Endpoint Encryption protect a wide range of devices typically used by businesses, ranging from Mac and PC laptops and desktops to removable media devices.

Researchers have found a major encryption flaw in 100 million Samsung Galaxy phones. We present an IV reuse attack on AES-GCM that allows an attacker to extract hardware-protected key material, and a downgrade attack that makes even the latest Samsung devices vulnerable to the IV reuse attack.

A group of academics from the North Carolina State University and Dokuz Eylul University have demonstrated what they say is the "First side-channel attack" on homomorphic encryption that could be exploited to leak data as the encryption process is underway. "Basically, by monitoring power consumption in a device that is encoding data for homomorphic encryption, we are able to read the data as it is being encrypted," Aydin Aysu, one of the authors of the study, said.

Attention, Samsung Galaxy smartphone owners: There's a good chance your device is one of the 100 million that a Tel Aviv University research paper said suffer from a serious encryption flaw. The researchers didn't stumble upon this error, either: They purposely targeted Samsung devices as an attempt to prove that proprietary, and often undocumented, encryption applications endanger everyone using a smartphone.

A group of academics from Tel Aviv University have disclosed details of now-patched "Severe" design flaws in Android-based Samsung smartphones that could have resulted in the extraction of secret cryptographic keys. The shortcomings are the result of an analysis of the cryptographic design and implementation of Android's hardware-backed Keystore in Samsung's Galaxy S8, S9, S10, S20, and S21 flagship devices, researchers Alon Shakevsky, Eyal Ronen, and Avishai Wool said.

What are the main challenges of exchanging sensitive information using encryption? This takes us into a second challenge affecting the effective exchange of sensitive information using encryption - compliance.

Samsung shipped an estimated 100 million smartphones with botched encryption, including models ranging from the 2017 Galaxy S8 on up to last year's Galaxy S21. Researchers at Tel Aviv University found what they called "Severe" cryptographic design flaws that could have let attackers siphon the devices' hardware-based cryptographic keys: keys that unlock the treasure trove of security-critical data that's found in smartphones. In a paper entitled "Trust Dies in Darkness: Shedding Light on Samsung's TrustZone Keymaster Design" - written by by Alon Shakevsky, Eyal Ronen and Avishai Wool - the academics explain that nowadays, smartphones control data that includes sensitive messages, images and files; cryptographic key management; FIDO2 web authentication; digital rights management data; data for mobile payment services such as Samsung Pay; and enterprise identity management.

Academics at Tel Aviv University in Israel have found that recent Android-based Samsung phones shipped with design flaws that allow the extraction of secret cryptographic keys. These TEEs run their own operating system, TrustZone Operating System, and it's up to vendors to implement the cryptographic functions within TZOS. The Android Keystore, the researchers explain, offers hardware-backed cryptographic key management via the Keymaster Hardware Abstraction Layer.

Researchers have detailed what they call the "First successful attempt" at decrypting data infected with Hive ransomware without relying on the private key used to lock access to the content."We were able to recover the master key for generating the file encryption key without the attacker's private key, by using a cryptographic vulnerability identified through analysis," a group of academics from South Korea's Kookmin University said in a new paper analyzing its encryption process.