Ransomware gangs keep innovating: Maze has begun leaking data on behalf of both Lockbit and RagnarLocker, while REvil has started auctioning data - from victims who don't meet its ransom demands - to the highest bidder. Thankfully, security experts continue to release free decryptors for some strains.
Zoom has reached a settlement with the New York state attorney general's office to provide better security and privacy controls for its videoconferencing platform. Meanwhile, the company announced it's acquiring a start-up encryption company.
With $30 million in funding, Silicon Valley icons Jim Clark and Tom (TJ) Jermoluk launched Beyond Identity, a new identity management platform that promises "the end of passwords." Jermoluk discusses the technology and how this is a continuation of what he and Clark started 25 years ago.
TikTok, a video-sharing service, has been delivering video and other media without TLS/SSL encryption, which means it may be possible for someone to tamper with content, researchers say. That could be especially damaging in the current pandemic environment, where misinformation and confusion abounds.
Zoom, responding to research that highlighted encryption and infrastructure shortcomings in its audio and video conferencing software, has promised to further revamp its security controls. With COVID-19 driving a surge in working from home, researchers have been closely reviewing the security of such software.
Many organizations have leapfrogged from "cloud concerns" to "cloud first" mindsets. What are the implications for encryption and access control in a multi-cloud environment? Lee Waskevich of ePlus and Todd Moore of Thales discuss the challenges and solutions.
The Cryptographer's Panel, which sees five cryptography experts analyze and debate top trends, remains a highlight of the annual RSA conference. For 2020, the panel focused on such topics as facial recognition, election integrity and the never-ending crypto wars, while giving shout-outs to bitcoin and blockchain.
Intelligence agencies in the United States and West Germany secretly owned a controlling stake in Swiss firm Crypto AG for decades and used their access to the company's encrypted communications equipment to spy on over 100 countries, including friends and foes alike, according to news reports.
Apple previously scuttled plans to add end-to-end encryption to iCloud backups, Reuters reports, noting that such a move would have complicated law enforcement investigations. But the apparent olive branch hasn't caused the U.S. government to stop vilifying strong encryption and the technology giants that provide it.
U.S. Attorney General William Barr is ratcheting up the pressure on Apple to unlock two iPhones belonging to a Saudi national who carried out a deadly shooting in December. The attorney general is labeling the shooting as an act of terrorism and says Apple is hampering a counterterrorism investigation.
A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found. The data includes baby photos and videos, birthdates, location data and device information.
Researchers are attempting to develop new forms of cryptography that could not be cracked by powerful quantum computing devices that are in the works. Divesh Aggarwal, principal investigator at Singapore's Center for Quantum Technologies, describes the efforts.
The FBI has sent a letter to Apple asking for help in accessing encrypted data from two iPhones belonging to a deceased shooter. The bureau's move may be a prelude to another legal fight between the FBI and Apple over strong encryption.
IoT devices are generating duplicate prime numbers while generating RSA keys, putting them at risk of a factoring attack, according to new research, which shows such an attack could be done at scale and at a low computing cost.