Encryption

Juniper says it will remove flawed cryptographic code from its software

Juniper says it will replace the Dual_EC pseudo-random number generator, long criticised by security experts and potentially exploitable in backdoor attacks.

David Bisson reports.


1 min read

LiveStream tells users to reset passwords, after possible data breach

Video live streaming platform LiveStream is warning customers that account information, including names, dates of birth, phone numbers, email addresses and encrypted passwords may have been accessed by unauthorised party.


1 min read

bitdefender.com

‘Unauthorised code’ on Juniper firewalls gives attackers admin access, decrypts VPN traffic

Within Juniper’s firewall management operating system there sits a backdoor, giving attackers access to admin functions and the ability to decrypt supposedly-secure encrypted VPN traffic.

Read more in my article on the Bitdefender Business Insights blog.


0 sec read

Users their own worst enemy when it comes to encrypted messaging apps

Security researchers have found that user error can be responsible for compromising the exchanges of encrypted communications apps like Signal.

David Bisson reports.


1 min read

Vulnerable parking apps allow hackers to steal your login and credit card details

Six Android parking payment apps come under the microscope, and are found lacking when it comes to security.

David Bisson reports.


1 min read

You know you’ve lost if terrorism means you start banning public Wi-Fi

After terrorists killed 130 people in Paris last month, it’s no surprise to see law enforcement looking to find “easy wins” to curb future attacks.

But blocking Tor and banning public Wi-Fi? That’s not the right response at all.


1 min read

bitdefender.com

VTech toymaker hacked – millions of families have their personal info exposed

VTech, a leading maker of electronic learning toys, has suffered a serious security breach, with hackers accessing a database containing information about customers and their children.

Read more in my article on the Hot for Security blog.


0 sec read

Plusnet isn’t acting safely with your password

It’s 2015. Shouldn’t large companies be treating passwords more securely than this?


1 min read

Encryption stops criminals. Weakening it doesn’t make sense

Following the horrific terrorist attacks in Paris, there have been calls from some for law enforcement to be given a method to snoop upon encrypted communications.

Fortunately there are some technical experts who are prepared to step into the debate and share their wisdom.


2 min read

bitdefender.com

BlackBerry believes in encryption backdoors – thinks it’s good for business

BlackBerry and its rivals couldn’t be further apart it seems, telling federal conference delegates that the company is a strong believer in providing law enforcement agencies with methods to lawfully intercept communications.

Read more in my article on the Bitdefender Business Insights blog.


0 sec read

The media link the PlayStation 4 to terrorist attacks in Paris

I’ve been reading stories all day that suggest that the terrorists who killed over 120 people in Paris might have used a PlayStation 4 gaming console to plot and plan their crime…


2 min read

Website files encrypted by Linux.Encoder.1 ransomware? There is now a free fix

Researchers have exploited a flaw in the encryption procedure used by the Linux.Encoder.1 – the first ransomware targeting the Linux platform – to develop a decryption tool for victims.

Guest contributor David Bisson reports.


2 min read

bitdefender.com

Buggy ransomware locks up your data, then throws away the encryption key

Normally when security researchers find a bug in a piece of malware the last thing they want to do is tell the malicious code’s creator about it.

After all, don’t bugs in bad software have to be a good thing? Well, that’s not necessarily the case…

Read more in my article on the Hot for Security blog.


0 sec read

The Draft Investigatory Powers Bill – what it actually says

The controversial draft Investigatory Powers Bill being proposed by the UK government says almost nothing about encryption.

Guest contributor Philip Le Riche shares his opinion about what it does have to say, and whether he feels the bill is needed.


6 min read

TalkTalk was hacked. But it’s silly to ask if the data was encrypted

Alan Solomon argues that data encryption is irrelevant in the case of the TalkTalk hack.


1 min read

Hacked TalkTalk says that it has received ransom demand

TalkTalk has said that it has received a ransom demand, after it suffered a hack which has potentially put the details of up to four million customers at risk.


1 min read