A day after the British Parliament approved a bill intended to eradicate child abuse content, cabinet officials called on social media giant Meta to halt a rollout of end-to-end encryption. Meta hasn't provided assurances that it will safeguard users, charged Home Secretary Suella Braverman.
Chinese hackers were able to access the email accounts of senior U.S. officials after Microsoft included an active digital signing key in a snapshot of data taken to analyze a crash of its consumer signing system in April 2021. Inclusion of the key in the crash dump was just one of many mishaps.
Security researchers uncovered multiple vulnerabilities in a widely used radio communication system used by law enforcement and in critical infrastructure for data transmission that could allow remote decryption of cryptographically protected communications.
As cloud services are on the rise with ever-growing workloads and more and more secrets being created by the R&D teams, the number and variety of secrets per organization are exploding. Needless to say, Secrets management and monitoring are crucial components of any security program.
This webinar will explore the...
A European Commission effort to require instant messenger apps such as WhatsApp and iMessage to scan for child sexual abuse material would likely violate Europeans' human rights and weaken encryption protections for consumers, a leaked document from the commission's internal legal service says.
Quantum computers and chatbots, as well as hype around blockchain, were topics discussed during The Cryptographers' Panel at RSA Conference 2023. For anyone who needs to keep data secure for more than 30 years, advice from panelist Adi Shamir was simple: Don't rely on public key cryptography.
A European effort to wrest greater control over the infrastructure underpinning internet encryption has some security experts warning about degraded website security. The European Union is on the cusp of requiring web browsers to honor web certificates known as QWACs.
Major internet chat platforms are urging the United Kingdom government to reconsider a bill intended to decrease exposure to online harms but which opponents say would open the door to massive government surveillance. Proponents say online platforms should have a duty of care to protect users.
A 3-month-old federal law meant to future-proof federal computers from quantum computer decryption will have an effect on healthcare sector entities, too, says Mac McMillan, founder and CEO emeritus of privacy and security consulting firm CynergisTek.
Bulking up your cybersecurity defense starts with proactive steps long before a data breach occurs. Are you actively exchanging files, large or small, with outside partners, customers and trading partners? Are you confident your data exchange is secure at rest and in transit or do you need the security of encryption?...
GitHub has replaced its private RSA SSH host key after discovering it was being inadvertently exposed to the public via a GitHub repository. Used to safeguard SSH access to Git operations, a bad actor could use the key to impersonate GitHub or eavesdrop. But GitHub reported no signs of abuse.
Police in multiple European countries carried out raids against the operators and users of the Exclu encrypted chat app, arresting four dozen individuals. German authorities began investigating the app following a 2019 raid on the Cyberbunker web hosting facility.
Moving from certificate-based to FIDO authentication reduces overhead and complications for enterprises looking to move away from passwords, says Microsoft's Libby Brown. FIDO allows organizations to go passwordless by simply buying a FIDO key and turning it on in their Azure Active Directory.
A class action lawsuit against LastPass alleges that a data breach in August resulted in the theft of $53,000 in bitcoin. An unnamed plaintiff alleges that negligence in the password management company's data security practices led to the Thanksgiving weekend theft.