Schneier on Security

SEPTEMBER 13, 2018

Some of us -- myself included -- have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. From the report's conclusion: Government hacking is often lauded as a solution to the "going dark" problem.

Government 212

Government Hacking Risk Surveillance 212

SecureWorld News

DECEMBER 8, 2024

Recent progress has sparked discussions, but current capabilities are still far from threatening encryption standards like 2048-bit RSA. It is essential to understand the risks posed by quantum computing, as future advancements could compromise today's encrypted data, opening new opportunities for threat actors.

Encryption 120

Encryption Firewall Education Firmware 120

Joseph Steinberg

DECEMBER 20, 2021

Nearly every piece of data that is presently protected through the use of encryption may become vulnerable to exposure unless we take action soon. While quantum computers already exist, no devices are believed to yet exist that are anywhere near powerful enough to crack modern encryption in short order.

Encryption 246

Encryption Artificial Intelligence Technology Risk 246

Schneier on Security

AUGUST 28, 2019

The Department of Justice wants access to encrypted consumer devices but promises not to infiltrate business products or affect critical infrastructure. Barr repeated a common fallacy about a difference between military-grade encryption and consumer encryption: "After all, we are not talking about protecting the nation's nuclear launch codes.

Computers and Electronics 279

Computers and Electronics Encryption Internet Internet 279

Schneier on Security

JANUARY 21, 2022

Key Findings: MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Citizen Lab examined the app and found it riddled with security holes.

Surveillance 362

Surveillance Encryption Wireless Government 362

Schneier on Security

OCTOBER 28, 2019

This is true even though encryption will impose costs on society, especially victims of other types of crime. [.]. Basically, he argues that the security value of strong encryption greatly outweighs the security value of encryption that can be bypassed. He endorses a "defense dominant" strategy for Internet security.

Encryption 184

Encryption Cybersecurity Internet Internet 184

Joseph Steinberg

JULY 20, 2022

There is little doubt that quantum computing will ultimately undermine the security of most of today’s encryption systems , and, thereby, render vulnerable to exposure nearly every piece of data that is presently protected through the use of encryption. Such an attitude is not alarmist – it is reality, whether we like it or not.

Risk 338

Risk Encryption Government Artificial Intelligence 338

The Last Watchdog

JULY 30, 2018

One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives. We discussed why encrypted flash drives have become established as a must-have portable business tool in the digital age. Park: Exactly.

Encryption 203

Encryption Passwords Authentication Government 203

The Last Watchdog

APRIL 24, 2025

Sinha outlined how todays PKI mechanisms, while effective on the open internet, often falter in high-complexity financial environmentssuch as ATM networks, POS systems, and cloud-centric banking operations. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. (LW

Banking 147

Banking Internet Internet IoT 147

The Last Watchdog

MARCH 24, 2025

Quantum computings ability to break todays encryption may still be years awaybut security leaders cant afford to wait. Related: Quantum standards come of age The real threat isnt just the eventual arrival of quantum decryptionits that nation-state actors are already stockpiling encrypted data in harvest now, decrypt later attacks.

Encryption 130

Encryption Financial Services Technology Risk 130

Schneier on Security

MARCH 13, 2020

Prepare for another attack on encryption in the U.S. It's easy to predict how Attorney General William Barr would use that power: to break encryption. He's said over and over that he thinks the "best practice" is to force encrypted messaging systems to give law enforcement access to our private conversations.

Encryption 280

Encryption Internet Internet Government 280

Joseph Steinberg

OCTOBER 21, 2022

Today, October 21, marks the first ever organized Global Encryption Day, dedicated to spreading awareness of the importance of utilizing encryption to protect sensitive information, both when it is in transit (e.g., online chat messages going over the Internet between you and your significant other) and when it is at rest (e.g.,

Encryption 130

Encryption Government Artificial Intelligence Surveillance 130

Malwarebytes

APRIL 3, 2025

Mobile VPNs are apps that connect your smartphone to the internet via different computers around the world. Be wary of VPNs based in countries that require intelligence-sharing with their governments Look for these security features: Strong encryption protocols (like 256-bit ChaCha20) are vital.

VPN 140

VPN Mobile Government Technology 140

Thales Cloud Protection & Licensing

FEBRUARY 11, 2025

Together for a Better Internet: Celebrating Safer Internet Day 2025 andrew.gertz@t Tue, 02/11/2025 - 14:57 At a time when technology is integral to our lives, Safer Internet Day (SID) has never been more relevant. These measures align perfectly with the spirit of Safer Internet Day. With an estimated 5.8

Internet 62

Internet Internet Education Technology 62

Adam Shostack

JANUARY 2, 2025

[no description provided] Today, a global coalition led by civil society and technology experts sent a letter asking the government of Australia to abandon plans to introduce legislation that would undermine strong encryption.

Internet 130

Internet Internet Government Manufacturing 130

The Last Watchdog

MARCH 17, 2020

Encryption is a cornerstone of digital commerce. But it has also proven to be a profound constraint on the full blossoming of cloud computing and the Internet of Things. Related: A ‘homomorphic-like’ encryption solution We know very well how to encrypt data in transit.

Encryption 171

Encryption Authentication IoT Internet 171

Webroot

NOVEMBER 21, 2024

The five core components of a VPN are: Encryption : The conversion of information into a coded format that can only be read by someone who has the decryption key. Kill switch: Blocks your device’s internet access if the VPN connection drops. A VPN encrypts your connection, making it much harder for anyone to intercept your data.

VPN 111

VPN Antivirus Internet Internet 111

Security Affairs

APRIL 17, 2025

Mustang Panda has been active since at least 2012, targeting American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures.

Encryption 113

Encryption Government Malware Hacking 113

Schneier on Security

JANUARY 31, 2020

The Department of Interior is grounding all non-emergency drones due to security concerns: The order comes amid a spate of warnings and bans at multiple government agencies, including the Department of Defense, about possible vulnerabilities in Chinese-made drone systems that could be allowing Beijing to conduct espionage.

Encryption 273

Encryption Internet Internet Government 273

The Last Watchdog

DECEMBER 18, 2024

Part three of a four-part series In 2024, global pressure on companies to implement advanced data protection measures intensified, with new standards in encryption and software transparency raising the bar. state privacy laws, the EUs governance of ethical AI deployment, and updated regulations in India and Japan.

Cybersecurity 130

Cybersecurity CISO Risk Government 130

The Last Watchdog

DECEMBER 18, 2024

Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. Quantum computing advances are making traditional encryption obsolete, and adversaries are stockpiling data for future decryption. FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies.

Risk 173

Risk Threat Detection Technology Phishing 173

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. Strong segmentation with firewalls and DMZs, securing VPN gateways, and ensuring encrypted traffic with TLS v1.3 ” continues the advisory.

Telecommunications 111

Telecommunications Government Mobile Cyber threats 111

The Last Watchdog

MARCH 13, 2019

In the not too distant future, each one of us will need to give pause, on a daily basis, to duly consider how we purchase and use Internet of Things devices and services. Nor has anyone accepted accountability for encrypting any of the fresh flows of data, whether in transit or at rest. This is coming. Talk more soon.

Internet 189

Internet Internet IoT Energy and Utilities 189

SecureWorld News

DECEMBER 17, 2024

government is sounding the alarm on a growing cybersecurity risk for critical infrastructureinternet-exposed Human-Machine Interfaces (HMIs). However, when improperly configured or left exposed to the internet, HMIs become prime targets for cyberattacks. This underscores the urgent need to secure these systems.

Internet 109

Internet Internet Risk Passwords 109

eSecurity Planet

MAY 25, 2022

Encryption and the development of cryptography have been a cornerstone of IT security for decades and remain critical for data protection against evolving threats. While cryptology is thousands of years old, modern cryptography took off in the 1970s with the help of the Diffie-Hellman-Merkle and RSA encryption algorithms.

Encryption 138

Encryption Computers and Electronics Password Management Passwords 138

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. Develop and test ransomware response plans.

Ransomware 113

Ransomware IoT Encryption Social Engineering 113

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. government on multiple occasions over the past five years.

Antivirus 329

Antivirus VPN Encryption Malware 329

Security Affairs

NOVEMBER 19, 2024

Ptitsyn reportedly sold the ransomware on darknet forums under aliases like “derxan” and “zimmermanx,” enabling other criminals to encrypt data and demand ransom. Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims.

Cybercrime 114

Cybercrime Ransomware Healthcare Education 114

eSecurity Planet

NOVEMBER 6, 2024

This attack underscores a critical lesson for businesses: even the most vital institutions, such as a city government, are vulnerable to cyberthreats. With cyberthreats getting more advanced , businesses and local governments alike must work together to share resources, insights, and best practices to improve cybersecurity across the board.

Ransomware 115

Ransomware Authentication Identity Theft Penetration Testing 115

Security Affairs

OCTOBER 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog Three new Ivanti CSA zero-day actively exploited in attacks Ukrainian national pleads guilty in U.S.

Data breaches 115

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 115

SecureList

APRIL 23, 2025

We immediately took action by communicating meaningful information to the Korea Internet & Security Agency (KrCERT/CC) for rapid action upon detection, and we have now confirmed that the software exploited in this campaign has all been updated to patched versions. The software has since been updated with patched versions. version.

Malware 144

Malware Software Encryption Internet 144

eSecurity Planet

DECEMBER 7, 2023

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. What Encryption Is and How It Relates to Cryptology The science of cryptography studies codes, how to create them, and how to solve them. How Does Encryption Process Data? How Does Encryption Process Data?

Encryption 115

Encryption Passwords IoT Firewall 115

Krebs on Security

MARCH 31, 2020

Ueland said after hearing about the escrow.com hack Monday evening he pulled the domain name system (DNS) records for escrow.com and saw they were pointing to an Internet address in Malaysia — 111.90.149[.]49 The attacker also obtained free encryption certificates for escrow.com from Let’s Encrypt.

Phishing 328

Phishing DNS Social Engineering Accountability 328

Security Affairs

APRIL 5, 2025

Source NewsBytes The Port of Seattle first reported experiencing an internet and web systems outage. The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. The attack impacted websites and phone systems.

Data breaches 95

Data breaches Ransomware Cyber Attacks Manufacturing 95

Schneier on Security

JANUARY 18, 2019

Australia, and elsewhere -- argue that the pervasive use of civilian encryption is hampering their ability to solve crimes and that they need the tech companies to make their systems susceptible to government eavesdropping. It doesn't affect the encryption that protects the communications. Sometimes it's about end-user devices.

Encryption 276

Encryption Government Surveillance Hacking 276

Malwarebytes

JUNE 1, 2021

The group conducts cyber espionage operations to target government entities mainly in South Korea. On December 2020, KISA (Korean Internet & Security Agency) provided a detailed analysis about the phishing infrastructure and TTPs used by Kimsuky to target South Korea. Victimology. One of the lures used by Kimsuky named “???

Government 145

Government Phishing Encryption Media 145

Schneier on Security

JANUARY 14, 2020

Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give Beijing remote access. Both criminal attacks and government cyber-operations will become more common and more damaging. But the enhancements aren't enough.

Data collection 279

Data collection Software Marketing Government 279