Security News
A new ransomware family that emerged last month comes with its own bag of tricks to bypass ransomware protection by leveraging a novel technique called "Intermittent encryption." Called LockFile, the operators of the ransomware have been found exploiting recently disclosed flaws such as ProxyShell and PetitPotam to compromise Windows servers and deploy file-encrypting malware that scrambles only every alternate 16 bytes of a file, thereby giving it the ability to evade ransomware defences.
This form of encryption essentially creates a virtual safe for your data that can only be unlocked with a passcode. If encryption is so easy, why don't people do it?
Facebook has updated the end-to-end encryption features in Messenger to provide users with more secure voice and video calling capabilities. Messenger has been offering support for end-to-end encrypted text chats for roughly five years, and Facebook has decided to expand the security feature to voice and video calling as well, after observing an increase in the use of these capabilities over the past year.
Facebook on Friday said it's extending end-to-end encryption for voice and video calls in Messenger, along with testing a new opt-in setting that will turn on end-to-end encryption for Instagram DMs. "The content of your messages and calls in an end-to-end encrypted conversation is protected from the moment it leaves your device to the moment it reaches the receiver's device," Messenger's Ruth Kricheli said in a post. It's worth noting that the company's flagship messaging service gained support for E2EE in text chats in 2016, when it added a "Secret conversation" option to its app, while communications on its sister platform WhatsApp became fully encrypted the same year following the integration of Signal Protocol into the application.
Facebook on Friday said it's extending end-to-end encryption for voice and video calls in Messenger, along with testing a new opt-in setting that will turn on end-to-end encryption for Instagram DMs. "The content of your messages and calls in an end-to-end encrypted conversation is protected from the moment it leaves your device to the moment it reaches the receiver's device," Messenger's Ruth Kricheli said in a post. It's worth noting that the company's flagship messaging service gained support for E2EE in text chats in 2016, when it added a "Secret conversation" option to its app, while communications on its sister platform WhatsApp became fully encrypted the same year following the integration of Signal Protocol into the application.
Facebook has announced the rollout of end-to-end encrypted Messenger voice and video calls five years after making it available in one-on-one text chats. End-to-end encryption is used by most popular communication and collaboration platforms, including Zoom, Microsoft Teams, as well as Facebook's WhatsApp.
Apple's announcement that it would scan encrypted messages for evidence of child sexual abuse has revived debate on online encryption and privacy, raising fears the same technology could be used for government surveillance. The move represents a major shift for Apple, which has until recently resisted efforts to weaken its encryption that prevents third parties from seeing private messages.
The facts aren't news, but Zoom will pay $85M - to the class-action attorneys, and to users - for lying to users about end-to-end encryption, and for giving user data to Facebook and Google without consent. The proposed settlement would generally give Zoom users $15 or $25 each and was filed Saturday at US District Court for the Northern District of California.
Arqit released the first version of its service, QuantumCloud 1.0. This Platform‑as‑a‑Service software enables customers to secure the communications channels and data of any cloud, edge or...
A new version of the LockBit 2.0 ransomware has been found that automates the encryption of a Windows domain using Active Directory group policies. After ransomware topics were banned on hacking forums [1, 2], LockBit began promoting the new LockBit 2.0 ransomware-as-a-service operation on their data leak site.