Encryption

(get it in RSS or Atom)

Is Apple finally getting real about security? 60 Sec Security [VIDEO]

2014-05-10-thumb-0250

Where does the data breach buck stop? Why do they call them "secret" links? And is Apple finally getting real about security?

Find out in "60 Second Security" for 10 May 2014

Snapchat agrees to settlement with FTC over privacy complaints

snapchat-settlement-250

Snapchat and the FTC have come to terms in a settlement over the privacy practices of the controversial mobile message service company.

Will Snapchat be better at protecting user privacy now that it's required to be monitored by a privacy auditor for the next 20 years?

SSCC 146 - Target, Microsoft, Dropbox and the mysterious "Webdriver Torso" [PODCAST]

sscc-146-thumb-250

Have a listen to the latest episode of our weekly security podcast.

Sophos security experts Chester Wisniewski and Paul Ducklin look at what we can learn from the latest news.

Apple admits flaw in email attachment encryption on iPhones and iPads

Apple admits iOS 7 encryption flaw

Apple is under pressure once again to patch a security flaw in iOS 7, after a researcher published his discovery that email attachments are unencrypted on iPhones and iPads.

LibreSSL, Linux Foundation, Play Store refunds and Viber shabbiness - 60 Sec Security [VIDEO]

2014-04-26-thumb-250

How do you recover from Heartbleed? Can you get your money back from Google? And just how safe is the Viber instant messaging app?

Find out in 60 Second Security...

Here we go again: Viber mobile messenger app leaves user data unencrypted

viber-250

Viber, a mobile messenger app that allows users to make phone calls and send text messages for free, also gives up plenty of free user data to anyone who wants to listen.

Will Viber, WhatsApp and Snapchat ever learn?

Obama leaves loophole open for NSA to exploit zero-day vulnerabilities

Obama leaves loophole open for NSA to exploit zero-day vulnerabilities

No, the US White House didn't know about Heartbleed and didn't exploit the OpenSSL bug to snoop, it said, but it's reserving the prerogative to use zero-day exploits as a wedge to pry out intelligence if it serves national security interests.

NIST to review standard for cryptographic development - do we really care?

NIST to review standard for cryptographic development - do we really care?

Whether you use it to protect personal data, protect customer data or secure your communications, cryptography is an integral part of our digital world, but the announcement late in 2013 that NIST is reviewing its standards for cryptography seems to have gone largely unnoticed.

Google switches Gmail to HTTPS only

Google switches Gmail to HTTPS only

Google is now using an always-on HTTPS connection and encrypting all Gmail messages moving internally on its servers.

Marketers, IT contractor arrested in theft of 20 million South Korean credit cards

Marketers, IT contractor arrested in theft of 20 million South Korean credit cards

The inside job, affecting 40% of the country's population, has been traced back to one IT guy inside a credit bureau plus some dodgy data buyers, who've also been arrested.

Microsoft's anti-NSA encryption pledge raises questions

Microsoft's anti-NSA encryption pledge gets the hairy eyeball

Microsoft says it's fast-tracking the encryption of consumer data and moving toward greater source-code transparency. It sounds good on paper, though there are those who question why Skype, for one, was left off the list and how in the world we can trust a for-profit software maker.

JP Morgan Chase owns up to data breach: 465,000 customers at risk

JP Morgan Chase is the latest financial institution to own up to a data breach.

The details are still scanty, but it looks as though it happened back in July, wasn't noticed until September and was only owned up to in December...

Hack of online dating site Cupid Media exposes 42 million plaintext passwords

Hack of online dating site Cupid Media exposes 42 million plaintext passwords

Guess how many times "123456" was used as a password by users. If you answered "close to 2 million times," you win! Now guess which online dating site service has decided to encrypt customer records using salting and hashing in future.

Forum software vendor vBulletin breached - apparently by vBulletin hack

vbull-250

Forum software vendor vBulletin has owned up to a username-and-password breach on its forum.

Guess which forum software the company uses?

Loyaltybuild, Amazon, Facebook and Mavis Batey MBE - 60 Sec Security [VIDEO]

Why shouldn't you store unencrypted credit card numbers? How can you squeeze a positive result from a password breach? What sort of pressure was on the cryptanalysts at Bletchley Park?

Find out the answers in just one minute!

Making phishing more complex - on purpose

postepay-170

A threat that doesn't just attack, but asks you to put in a password first?

Sounds weird, but the trick worked for malware in the past, and is now being used in phishing

Fraser Howard of SophosLabs explains...

10 tips for securing your smartphone

10 tips for securing your smartphone

Remote wiping? Encryption? Secure passcode? Here are 10 tips to ensure you keep your smartphone just as secure as your PC.

Google to encrypt data "end-to-end" in effort to block NSA and other agencies

Google: US data requests have more than tripled since 2009

Google is stepping up efforts to toughen data encryption in an effort to limit unofficial snooping on user information in the wake of the revelations about the NSA and PRISM.

LastPass, hackable lights, Bradley Manning and Wackyleaks - 60 Sec Security [VIDEO]

2013-08-24-wackyleaks-250

What happened to LastPass that it needed a patch? How do Philips wireless lights handle security? What will become of Bradley Manning? And what has Wikileaks been up to lately?

Take a look at 60 Second Security and find out!

Next version of the web will have resistance to surveillance at its core

Surveillance

The Internet Engineering Task Force is planning changes to the fundamental protocol that powers the web to make it more resistant to surveillance.