Security News

Kubernetes-specialist Zettaset has introduced software-defined encryption for Kubernetes-managed containers, improving DevSecOps, enhancing data protection, and enabling compliance. The fluid nature of cloud storage requires a software rather than hardware solution - and Zettaset has announced its software-defined XCrypt Kubernetes Encryption offering.

For years, Naked Security and Sophos have said #nobackdoors, agreeing with the Information Technology Industry Council that "Weakening security with the aim of advancing security simply does not make sense." EARN IT is a bipartisan effort, having been introduced by Republican Lindsey Graham, Democrat Richard Blumenthal and other legislators who've used the specter of online child exploitation to argue for the weakening of encryption.

Zettaset, a leading provider of software-defined encryption solutions, announced Zettaset XCrypt Container Encryption for Docker Enterprise from Mirantis, a software-only encryption solution for containers. Designed to protect containers from data theft in any physical or virtual environment, the new solution enables organizations running Docker Enterprise environments to seamlessly secure data within containers through encryption with little-to-no impact on performance or business velocity.

On Thursday, a bipartisan group of US senators introduced legislation with the ostensible purpose of combating child sexual abuse material online - at the apparent cost of encryption. The law bill is called the Eliminating Abusive and Rampant Neglect of Interactive Technologies Act, which folds up into the indignant acronym EARN IT. Backed by senators Lindsey Graham, Richard Blumenthal, Josh Hawley and Dianne Feinstein, the proposed law intends to make technology companies "Earn" their exemption from liability allowed under Section 230 of the US Communications Decency Act by requiring internet companies to follow a set of best practices to keep CSAM off their networks.

It cannot be fixed without replacing the silicon, only mitigated, it is claimed: the design flaw is baked into millions of Intel processor chipsets manufactured over the past five years. Buried deep inside modern Intel chipsets is what's called the Management Engine, or these days, the Converged Security and Manageability Engine.

Evidence is emerging that a barely noticed change made to Chrome 80, released on 4 February, might have disrupted the hugely successful data and user profile stealing malware AZORult. Now, according to research by Israeli security company Kela, chatter on crime forums suggests cybercriminals believe that Chrome 80's move to encrypt locally saved passwords and cookies using AES-256 has killed the malware's attempts to steal data for good.

Cybersecurity researchers today uncovered a new high-severity hardware vulnerability residing in the widely-used Wi-Fi chips manufactured by Broadcom and Cypress-apparently powering over a billion devices, including smartphones, tablets, laptops, routers, and IoT gadgets. First, Learn What Kr00k Attack Doesn't Allow: Before proceeding to details of the new Kr00k attack, it's important to note that:The vulnerability does not reside in the Wi-Fi encryption protocol; instead, it exists in the way vulnerable chips implemented the encryption,.

SyncDog, the leading Independent Software Vendor for next generation mobile security and data loss prevention, announced their partnership with SecureAge, a proven leader in enterprise encryption solutions and AI powered anti-malware technology. Systems' capabilities as a mobile-centric secure workspace, ensuring that users have stronger data encryption at the file level that is sustained as files travel from mobile to in-network desktops and servers.

There are things that have been true for technical people for decades and will continue to be true. About half the things you know will be obsolete after five years, so you'll have to learn new things and maybe pivot your career.

Today, nearly a quarter of malware communicates using TLS. The reason is simple: encryption obfuscates malware code, making it difficult to analyze; prevents users from accessing the component files in the event of an infection; and hides and secures the attackers' malicious network communication. In short, malware encryption makes it harder for traditional defenses to detect and mitigate that malware.