Security News

Image encryption technique could keep photos safe on popular cloud photo services
2021-07-21 04:00

A study from computer scientists at Columbia Engineering reveals what may be the first way to encrypt personal images on popular cloud photo services, such as those from Google, Apple, Flickr and others, all without requiring any changes to - or trust in - those services. Cloud photo services currently not compatible with image encryption.

Mitigating Threats to Encryption From Quantum and Bad Random
2021-07-20 10:47

These two threats already combine to make common encryption less secure than we like to believe and with the power of quantum computing, it will only get worse. Shor's algorithm can use quantum computing to factor large RSA numbers exponentially faster than any other method and it doesn't require a full-scale general purpose quantum computer.

U.S. Army DEVCOM awards Ubiq Security with SBIR contract to improve encryption capabilities
2021-07-17 23:15

Ubiq Security announced that it was awarded a SBIR contract with the U.S. Army DEVCOM. Ubiq's platform will be utilized to help deliver highly efficient, more scalable, and innovative encryption capabilities. Ubiq's API-based encryption platform uses a cloud-based model to deliver encryption and centralized key management capabilities, addressing challenges the Department of Defense commands are currently facing.

Qrypt Quantum Data at Rest app offers secure data storage with one-time pad encryption
2021-07-16 02:30

Qrypt unveiled its Quantum Data at Rest application. QDAR provides one-time pad encryption as a data-at-rest solution for companies to secure important files, proprietary information and all mission-critical data.

Amazon starts rolling out Ring end-to-end encryption globally
2021-07-13 21:47

Amazon-owned Ring has announced starting the worldwide roll out of video End-to-End Encryption to customers with compatible devices. "Today, we're proud to announce that we're moving it out of technical preview and expanding the feature's availability to customers around the world," Ring said.

Zettaset XCrypt Kubernetes Encryption now available on the VMware Marketplace
2021-06-27 00:00

Zettaset announced that XCrypt Kubernetes Encryption is available on the VMware Marketplace. VMware Marketplace enables customers to discover and deploy compatible, validated third-party solutions to VMware environments.

Virtual machines hide ransomware until the encryption process is done
2021-06-23 13:15

The use of virtual machines to run the malicious payload is getting more popular with ransomware attackers, Symantec's Threat Hunter Team claims. "During a recent investigation into an attempted ransomware attack, Symantec discovered that the attackers had installed a VirtualBox VM on some compromised computers. Unlike the previously documented RagnarLocker attacks, which involved Windows XP, the VM in this case appeared to be running Windows 7," they shared.

Intentional Flaw in GPRS Encryption Algorithm GEA-1
2021-06-17 18:51

Remember just because you can see the crypto algorithm on paper and verify it's being used does not mean the algorithm or it's implementation is not "Backdoored" in some way. "Signature algorithms like ElGamal and DSA have parameters which must be set with random information. He shows how one can make use of these parameters to send a message subliminally. Because the algorithm's signature creation procedure is unchanged, the signature remains verifiable and indistinguishable from a normal signature. Therefore, it is hard to detect if the subliminal channel is used."

Security Flaw Found in 2G Mobile Data Encryption Standard
2021-06-17 01:54

Cybersecurity researchers in Europe say they have discovered a flaw in an encryption algorithm used by cellphones that may have allowed attackers to eavesdrop on some data traffic for more than two decades. In a paper published Wednesday, researchers from Germany, France and Norway said the flaw affects the GPRS - or 2G - mobile data standard.

GPRS-era mobile data encryption algorithm GEA/1 was 'weak by design', still lingers in today's phones
2021-06-17 01:44

The GEA/1 encryption algorithm used by GPRS phones in the 1990s was seemingly designed to be weaker than it appears to allow eavesdropping, according to European researchers. A paper just out by academics at Germany's Ruhr-Universität Bochum, with help from Norwegian and French experts, has found [PDF] that GEA/1 only really offered 40-bit encryption, by design, and the way encryption keys were subdivided made the system relatively easy to break if you knew how at the time.