encryption Archives - Page 9 of 21

Pierluigi Paganini July 04, 2016

WhatsApp vs Telegram in Terms of Encryption and Features

Compare and contrast WhatsApp and Telegram, so as to see which of the two messaging apps offers the best option for encrypted chat. Messaging apps have been increasing rapidly in popularity. WhatsApp has gone over one billion users and Telegram claims to have over 350,000 people a day signing up for its services. So, it […]

Pierluigi Paganini July 02, 2016

Breaking Android Full-Disk Encryption, not so hard on Qualcomm devices

The Android full-disk encryption can be easily cracked with a brute force attack, hundreds of millions of Android mobile are at risk. Bad news for Android users that want to protect their data by enabling full-disk encryption (FDE) on their mobile devices. The Android full-disk encryption can be easily cracked with a brute force attack, […]

Pierluigi Paganini June 24, 2016

Apple confirms iOS 10 kernel source code left unencrypted intentionally

Apple confirms iOS 10 kernel code left unencrypted intentionally to improve OS performance and ensures that it will have no impact on security. The news is intriguing, while Apple announced the new release of its mobile operating system, the iOS 10, the experts discovered that its kernel is unencrypted. The researchers from MIT Technology who reviewed […]

Pierluigi Paganini June 04, 2016

How to steal encryption keys from the air through a PC’s noises

A group of Israeli researchers demonstrated how to steal RSA encryption keys through a PC’s noises during cryptographic operations. If you think that air-gapped networks are totally secure you are wrong, in the past, many research teams have devised methods to steal data from computers disconnected from the Internet. They demonstrated that it is possible […]

Pierluigi Paganini May 31, 2016

CVE-2016-2107 OpenSSL Flaw still affects many Alexa Top Sites

According to the security firm High-Tech Bridge many of the Alexa Top 10,000 websites are still vulnerable to the OpenSSL flaw CVE-2016-2107. The CVE-2016-2107 flaw affecting the open-source cryptographic library could be exploited to launch a man-in-the-middle attack leveraging on the ‘Padding Oracle Attack’ that can decrypt HTTPS traffic if the connection uses AES-CBC cipher and the server supports AES-NI. According […]

Pierluigi Paganini May 26, 2016

Next-gen Tor is arriving and it will include a distributed random number generator

The researchers at the Tor project are working on a new distributed random number generator that will be included in the next-generation Tor. The researchers at the Tor project have elaborated a new way to generate random numbers to support security improvements of its next-generation onion router. The Random Number Generators are essential components for […]

Pierluigi Paganini May 23, 2016

Slovenian hacker who reported issues in Tetra Protocol gets prison sentence

A Slovenian student who reported configuration errors in the Tetra protocol used by the local Police gets a prison sentence. Ethical hacking could be very risky, this is the experience of a 26-year-old Slovenian student, Dejan Ornig, that had serious problems after the discovery of flaws in the Police Communications Protocol. It is incredible, but authorities […]

Pierluigi Paganini May 08, 2016

How terrorists abuse online services for propaganda?

Researchers at TrendMicro have analyzed online activities of terrorists identifying the techniques and tools used for their propaganda. Using vulnerabilities in software, websites, and web applications as attack vectors, hosting malicious components in cloud services. Other than this if there’s any service getting launched in the future, there will be always chances of abuse. Experts […]

Pierluigi Paganini May 05, 2016

A High-Severity flaw in OpenSSL allows the HTTPS Traffic decryption

OpenSSL has the patches for six flaws including two high-severity bugs that could allow attackers to decrypt HTTPS traffic and execute malicious code on the server. OpenSSL just released several patches to fix vulnerabilities in the open-source cryptographic library, including a couple of high-severity flaws (CVE-2016-2107, CVE-2016-2108) that could be exploited to decrypt HTTPS Traffic. The CVE-2016-2107 could […]

Pierluigi Paganini May 04, 2016

Google is bringing HTTPS to all blogspot domain blogs

Google decided to switch on default HTTPS for its free domain service provider Blogspot, the migration will be easy and transparent for the users. After WordPress also Google decided to switch on default HTTPS for its free domain service provider Blogspot. The measure will impact millions of users of the popular platform. Since September 2015 Google had introduced […]

encryption

WhatsApp vs Telegram in Terms of Encryption and Features

Breaking Android Full-Disk Encryption, not so hard on Qualcomm devices

Apple confirms iOS 10 kernel source code left unencrypted intentionally

How to steal encryption keys from the air through a PC’s noises

CVE-2016-2107 OpenSSL Flaw still affects many Alexa Top Sites

Next-gen Tor is arriving and it will include a distributed random number generator

Slovenian hacker who reported issues in Tetra Protocol gets prison sentence

How terrorists abuse online services for propaganda?

A High-Severity flaw in OpenSSL allows the HTTPS Traffic decryption

Google is bringing HTTPS to all blogspot domain blogs

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

Critical Sudo bugs expose major Linux distros to local Root exploits

Google fined $314M for misusing idle Android users' data

A flaw in Catwatchful spyware exposed logins of +62,000 users

QUICK LINKS

encryption

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!