Mar 14, 2025Ravie LakshmananMobile Security / Encryption The GSM Association (GSMA) has formally announced support for end-to-end encryption (E2EE) for securing messages sent via the Rich Communications Services (RCS) protocol, bringing much-needed security protections to cross-platform messages shared between Android and iOS platforms. To that end, the new GSMA … [Read more...] about GSMA Confirms End-to-End Encryption for RCS, Enabling Secure Cross-Platform Messaging
encryption
Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
Feb 21, 2025Ravie LakshmananData Protection / Encryption Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data. The development was first reported by Bloomberg. ADP for iCloud is an optional setting that ensures that users' trusted devices … [Read more...] about Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
DeepSeek App Transmits Sensitive User and Device Data Without Encryption
Feb 07, 2025Ravie LakshmananMobile Security / Artificial Intelligence A new audit of DeepSeek's mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that it sends sensitive data over the internet sans any encryption, exposing it to interception and manipulation attacks. The assessment comes from NowSecure, which also found that … [Read more...] about DeepSeek App Transmits Sensitive User and Device Data Without Encryption
New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics
Oct 24, 2024Ravie LakshmananRansomware / Cybercrime Cybersecurity researchers have discovered an advanced version of the Qilin ransomware sporting increased sophistication and tactics to evade detection. The new variant is being tracked by cybersecurity firm Halcyon under the moniker Qilin.B. "Notably, Qilin.B now supports AES-256-CTR encryption for systems with AESNI … [Read more...] about New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics
Encryption at rest in Elastic Cloud: Bring your own key with AWS KMS
Elastic Cloud Hosted deployments that have been encrypted with AWS KMS keys also support AWS KMS key security policies and features, such as key rotation and key revocation. Key rotation minimizes the risk of data leaks due to key compromise. Key revocation is an additional security measure, where access to encrypted data via a compromised key is terminated, either via … [Read more...] about Encryption at rest in Elastic Cloud: Bring your own key with AWS KMS
Encryption at rest in Elastic Cloud: A strategic imperative for enterprise security
Have you been wondering if you can bring your own key (BYOK) to encrypt your data and snapshots in Elastic Cloud? If yes, you’ll enjoy this blog post series.As organizations increasingly rely on cloud software to streamline processes and enhance collaboration, data security becomes a non-negotiable requirement. Encryption at rest is a cornerstone of data security strategies, … [Read more...] about Encryption at rest in Elastic Cloud: A strategic imperative for enterprise security
Google Adds Quantum-Resistant Encryption in Chrome 116
Aug 11, 2023THNEncryption / Browser Security Google has announced plans to add support for quantum-resistant encryption algorithms in its Chrome browser, starting with version 116. "Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115," Devon O'Brien said in a post published … [Read more...] about Google Adds Quantum-Resistant Encryption in Chrome 116
Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk
Aug 10, 2023THNPrivacy / Encryption A widely used Chinese language input app for Windows and Android has been found vulnerable to serious security flaws that could allow a malicious interloper to decipher the text typed by users. The findings from the University of Toronto's Citizen Lab, which carried out an analysis of the encryption mechanism used in Tencent's Sogou Input … [Read more...] about Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk
DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors
The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism to retrieve the list of targets to be bombarded with junk HTTP requests in an attempt to bring them down. The updated variant, written in Golang, "implements an additional security mechanism to conceal the list of targets, which is transmitted from the … [Read more...] about DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors
Experts Discover Flaw in U.S. Govt’s Chosen Quantum-Resistant Encryption Algorithm
Mar 06, 2023Ravie LakshmananEncryption / Cybersecurity A group of researchers has revealed what it says is a vulnerability in a specific implementation of CRYSTALS-Kyber, one of the encryption algorithms chosen by the U.S. government as quantum-resistant last year. The exploit relates to "side-channel attacks on up to the fifth-order masked implementations of CRYSTALS-Kyber … [Read more...] about Experts Discover Flaw in U.S. Govt’s Chosen Quantum-Resistant Encryption Algorithm