OpenSSL downgrades horror bug after week of panic, hype

OpenSSL today issued a fix for a critical-turned-high-severity vulnerability that project maintainers warned about last week. After days of speculation, infosec professionals and armchair bug hunters received more of a trick than a treat on November 1: two CVE-tagged security Read More …

FYI: Microsoft Office 365 Message Encryption relies on insecure block cipher

Microsoft Office 365 Message Encryption claims to offer a way “to send and receive encrypted email messages between people inside and outside your organization.” And according to WithSecure, it’s not fit for purpose: the encryption method employed, known as Electronic Read More …

Indian military ready to put long-range quantum key distribution on the line

India’s military has celebrated the nation’s Independence Day by announcing it will adopt locally developed quantum key distribution (QKD) technology that can operate across distances of 150km. QKD is a technology to securely distribute encryption keys – items that could Read More …

End-to-end encryption is a ‘disaster’ for counter-terrorism and stops police finding right-wing extremists online

End-to-end encryption on messaging apps is a “disaster” for counter-terrorism officials as it stops them finding extreme-right activity online, a new report warns. Extreme right-wing terrorists’ “conspiracy theorist, anti-government outlook” means they are “often aware of what technical security measures Read More …

To stop quantum hackers, the US just chose these four quantum-resistant encryption algorithms

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has selected four quantum-resistant cryptographic algorithms for general encryption and digital signatures. NIST, a US standards setting body and research organization within the Department of Commerce, announced the Read More …

A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys

Microprocessors from Intel, AMD, and other companies contain a newly discovered weakness that remote attackers can exploit to obtain cryptographic keys and other secret data traveling through the hardware, researchers said on Tuesday. Hardware manufacturers have long known that hackers Read More …

White House: Quantum computers could crack encryption, so here’s what we need to do

The White House has announced a set of proposals for keeping the US ahead in the quantum computing race globally, while mitigating the risk of quantum computers that can break public-key cryptography. Quantum computers powerful enough to break public-key encryption Read More …