Security News

The 25-person, New York-based company will provide more robust encryption for Zoom calls on paid subscriptions by implementing an end-to-end architecture. "Logged-in users will generate public cryptographic identities that are stored in a repository on Zoom's network and can be used to establish trust relationships between meeting attendees," Zoom CEO Eric Yuan explained in a Thursday blog post.

Popular communications platform provider Zoom Video announced on Thursday that it has acquired secure messaging and file-sharing service Keybase for an undisclosed sum. The move is the latest by the company as it attempts to bolster the security of its offerings and build in end-to-end encryption that can scale to the company's massive user base.

The threat actors behind the Shade ransomware have called it quits, releasing 750,000 encryption keys on GitHub and publicly apologizing to victims affected by the malware. User "Shade-team" posted four files on the code repository earlier this week, one containing the file keys and four "ReadMe" files with decryption instructions and other information.

McAfee, a device-to-cloud cybersecurity company, announced that McAfee MVISION Cloud now supports encryption enhancements in Microsoft Teams, including encrypted webhooks and encrypted payloads. This enables organizations to improve productivity of their employees by letting them use Teams as a collaboration platform, participate in conversations and calls and upload and share documents while ensuring customer data remains secure with encryption when evaluated by McAfee MVISION Cloud.

Zoom on Wednesday announced a series of security improvements designed to address many of the concerns raised in recent weeks. Zoom has now announced that account administrators will be able to choose which data center regions they want to use for real-time meeting traffic.

The Dutch intelligence service has been able to read encrypted communications from dozens of countries since the late 1970s thanks to a microchip, according to research by de Volkskrant on Thursday. Philips, together with Siemens, built an encryption machine in the late 1970s.

The first published example of a double extortion attack, according to Check Point Research, came with the attack against Allied Universal in November 2019. In a later post on a Russian underground forum, they posted a link to "10% of data we have exfiltrated." They added, "We give them 2 weeks until we send other 90% of data to wikileaks. Other 90% is a quite interesting part... Time is ticking."

Understandably, the end-to-end encrypted messaging app Signal has been signing up new users at "Unprecedented" rates and flipping the switch on servers "Faster than we ever anticipated," Signal's Joshua Lund said last week. At a high level, what the bill proposes is a system where companies have to earn Section 230 protection by following a set of designed-by-committee 'best practices' that are extraordinarily unlikely to allow end-to-end encryption.

Traditionally compliance with regulations was the top driver for deploying encryption, but has dropped in priority since 2017, indicating that encryption is transitioning from a requirement to a proactive choice to safeguard critical information. With the proliferation of data from digital initiatives, cloud use, mobility, IoT devices and the advent of 5G networks, data discovery continues to be the biggest challenge in planning and executing a data encryption strategy, with 67% of respondents citing this as their top concern.

Futurist Isaac Arthur explains how to stay safe from quantum encryption hacking.