Security News

A security vulnerability in Intel chips opens the door for encrypted file access and espionage, plus the ability to bypass copyright protection for digital content. "[The] hardware allows activation of test or debug logic at runtime for some Intel processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access," according to Intel's advisory, issued last week.

Extending encryption to your email system, and the precious documents and info it holds, should be a no-brainer. Any email security effort will come up against a range of blockers, from access concerns, compliance issues, and the challenges of maintaining a joyful user experience, across multiple devices.

A new hacker group named Moses Staff has recently claimed responsibility for numerous attacks against Israeli entities, which appear politically motivated as they do not make any ransom payment demands. In general, Moses Staff isn't putting much effort into this aspect of their operation, as the main thing they aim for is to cause chaos in the targeted Israeli operation and not to ensure that the encrypted drives are irrecoverable.

Email is fundamental to the operation of most businesses. 90 per cent of IT execs are prioritizing the protection of docs and info in emails according to research from Echoworx.

Britain's new Information Commissioner has called for video conferencing companies to enable end-to-end encryption on their products - even as police managers and politicians condemn the technology and demand its removal. This week the ICO urged tech companies to make end-to-end encryption "Available to all users" regardless if they're "Enterprise, consumer, paid or free" in a statement jointly backed by seven countries' data protection regulators - even including China.

Microsoft has announced the public preview roll-out of end-to-end encryption support for one-to-one Microsoft Teams calls.Starting today, Microsoft Teams is getting end-to-end encryption for 1:1 calls which encrypts the real-time media flow so that private one-to-one discussions remain entirely private, with no way for intermediate nodes or parties to decrypt them.

Hook up with our forthcoming Live Malware Demo presentation. Why we think you should celebrate Global Encryption Day.

Facebook's WhatsApp on Thursday began a global rollout of end-to-end encryption for message backups, which offers Android and iOS users with the ability to protect WhatsApp messages stored in Google Drive and Apple iCloud. WhatsApp claims no other similarly large global messaging service provides E2E encryption for users' stored communications and media - WhatsApp has more than 2bn users and in some regions serves as the de facto communications platform.

A new actor tracked as SnapMC has emerged in the cybercrime space, performing the typical data-stealing extortion that underpins ransomware operations, but without doing the file encryption part. File encryption is considered a core component of ransomware attacks, as it's the very element that brings operational disruption to the victim.

At the heart of all this, credential compromise is the leading cause of ransomware attacks, because credentials give hackers the access they need to hold your systems hostage. To understand the issue of credentials in ransomware attacks, one must understand what credentials really are.