Encryption/Data Security news, articles & updates| SC Media

Encryption/Data Security

Diplomats used WhatsApp, personal phones to discuss Ukraine policy

Nearly a decade after Hillary Clinton began using personal devices and a private email server while Secretary of State – a practice that sparked a heated debate and congressional investigations during the 2016 presidential election cycle – an early impeachment probe into President Trump revealed that diplomats in the administration used WhatsApp and their personal…

Cellebrite claims it can crack any iPhone or Android, Trump admins weigh encryption ban

Israeli data extraction firm Cellebrite announced the ability to break into any iPhone or Android device for law enforcement agencies near the same time Trump administration officials weighed the pros and cons of banning encryption law enforcement can’t break.   Senior Trump officials met Wednesday to discuss whether to seek legislation that would crack down on…

Unpatched bug in Windows SymCrypt library could cause DoS condition, warns researcher

Google’s Project Zero vulnerability hunting team has publicly disclosed an unpatched bug in the SymCrypt cryptography library for Windows, which could create a denial of service condition when the user initiates any function that requires cryptography. Project Zero researcher Tavis Ormandy said in a June 11 tweet that even though the problem is of “relatively…

Australian flag

Australia passes law forcing tech giants to circumvent encryption on target devices

Australia’s parliament on Thursday passed groundbreaking legislation that instructs tech developers to help law enforcement investigations by intercepting the encrypted communications of suspects’ devices. Known as the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, the law contains language requiring companies in some cases to build new capabilities to decrypt protected communications if…

Winnti trojan may help set stage for Skeleton Key attacks, analysts say

Encryption flaws in solid state drives enable unauthorized data access

Researchers from Radboud University Nijmegen in the Netherlands yesterday disclosed a pair of vulnerabilities in the hardware full-disk encryption mechanisms of self-encrypting solid state drives (SSDs) from Samsung and Crucial. The flaws are present in both internal and external storage devices from these manufacturers, and even affect Microsoft Windows environments that use BitLocker for full-disk…

Pair of surveys underscore importance of secure PKI in government, IoT

Both the federal government and Internet of Things manufacturers are facing key challenges and opportunities in regards to implementing secure Public Key Infrastructure practices for digital certificate management and encryption, according to a pair of newly published research reports. The first report, from machine identity protection company Venafi, reveals data compiled from a survey of 100 federal…

Next hm-product-review in Encryption/Data Security