Kaspersky Lab researchers have uncovered the StrongPity APT, a group that uses watering hole attacks to infect machines of users seeking encryption technologies such as WinRAR and TrueCrypt.
Browsing Tag: Encryption
Mike Mimoso and Chris Brook discuss this week’s Virus Bulletin conference in Denver and CNBC’s Cambridge Cyber Summit at MIT, the NSA contractor arrest, APT false flags, and more.
The Firefox browser will now deny TLS connections to servers using weak Diffie-Hellman keys.
A number of Democratic Congressional leaders wrote Yahoo CEO Marissa Mayer a letter seeking answers about the breach of 500 million customer records.
OpenSSL patched a high-severity vulnerability in its deployment on the Online Certificate Status Protocol, and also mitigated the SWEET32 attack.
Signal has fixed bugs in its Android messaging app that allow an attacker to corrupt an encrypted attachment and remotely crash the application.
OneLogin confirmed this week an attacker took advantage of a bug in its system and was able to view sensitive notes, thought to be secure, posted by users.
Linux admins are reporting attacks against webservers resulting in the deletion of web folders, reportedly by attackers using a ransomware variant called Fairware.
France’s and Germany’s Interior Minister are urging the EU to consider implementing a law to get companies to decrypt encrypted communications.
Researchers have found a new way to recover and decrypt authentication cookies from 3DES and Blowfish protected traffic. In response, OpenSSL is expected to deprecate 3DES’ designation from high to medium.