Nearly a year after issuing a first draft, NIST has released a substantially revised proposal for changing the way it develops cryptographic standards. The effort was launched after the NSA was accused of tampering with a NIST cryptographic algorithm.
President Obama says he sees the need for law enforcement to gain access to terrorists' encrypted data, but stops short of calling for a law to require manufacturers to provide a so-called "backdoor" to break encryption on mobile devices.
Following the Paris terror attacks, the French government plans to strengthen its surveillance laws, while the British prime minister has promised to allow intelligence agencies to penetrate any encrypted communications.
As healthcare organizations step up their efforts this year to exchange more patient data with others to improve care, it's urgent that they address the "significant risks" involved, says Erik Devine, chief security officer at an Illinois hospital.
Richard Spurr has been CEO of security vendor ZixCorp for more than 10 years. How has his approach to e-mail security evolved, and how does he see evolving threats and the marketplace changing in the year ahead?
Security experts are sounding warnings that a flaw known as POODLE, revealed Oct. 14, can now be used to decrypt some Internet communications secured using TLS. Vendors have begun describing workarounds and issuing patches.
Ten months after NIST issued a draft report proposing changes on how it develops cryptographic standards, following reports that the NSA tampered with a NIST cryptographic algorithm, the institute has yet to finalize that guidance.
Microsoft has issued an emergency fix for a vulnerability in Windows Kerberos that is being exploited via in-the-wild attacks. Attackers can leverage the flaw to gain all-access rights to anything inside an Active Directory Domain, experts warn.
Microsoft has issued a patch to correct a critical vulnerability in Schannel, which encrypts transactions on most Windows platforms. The bug is "concerning" for organizations running the service, some experts say, comparing it to the Heartbleed flaw.
The new director of Britain's eavesdropping agency, GCHQ, has blasted U.S. technology firms, arguing that - intentionally or not - they're "the command-and-control networks of choice for terrorists and criminals."
Drawing on networking protocols designed to support NASA's interplanetary missions, two researchers have created a networking system that's designed to transmit information securely and reliably in even the worst conditions, such as in an Ebola hot zone.
Security experts urge organizations to disable support for SSL on clients and servers because of flaws in the cryptographic protocol that could be used to impersonate website users and decrypt HTTPS traffic.