Tag: cryptography
-
New Quantum-Safe Alliance Aims to Accelerate PQC Implementation
The new Quantum-Safe 360 Alliance will provide road maps, technology, and services to help organizations navigate the post-quantum cryptography transition before the 2030 deadline. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/new-quantum-safe-alliance-accelerate-pqc-implementation
-
Utilities, Factories at Risk From Encryption Holes in Industrial Protocol
The OPC UA communication protocol is widely used in industrial settings, but despite its complex cryptography, the open source protocol appears to be vulnerable in a number of different ways. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/utilities-factories-encryption-holes-industrial-protocol
-
News alert: OpenSSL conference to convene experts on cryptograohy, compliance and open-source
Newark, NJ, Aug. 4, 2025, CyberNewswire”, Early Bird registration is now available for the inaugural OpenSSL Conference, scheduled for October 79, 2025, in Prague. The event will bring together leading voices in cryptography, secure systems, and open-source infrastructure. Early registrants… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/news-alert-openssl-conference-to-convene-experts-on-cryptograohy-compliance-and-open-source/
-
What Is the Role of Provable Randomness in Cybersecurity?
Random numbers are the cornerstone of cryptographic security, cryptography depends on generating random keys. As organizations adopt quantum-resistant algorithms, it’s equally important to examine the randomness underpinning them First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/what-is-the-role-of-provable-randomness-in-cybersecurity-
-
Symmetric Cryptography in Practice: A Developer’s Guide to Key Management
Symmetric cryptography powers everything from HTTPS to JWT tokens, but key management remains a significant challenge. This developer guide covers three critical use cases”, session keys, self-use keys, and pre-shared keys”, with practical strategies for secure generation, rotation, and storage. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/symmetric-cryptography-in-practice-a-developers-guide-to-key-management/
-
Prepping for the quantum threat requires a phased approach to crypto agility
Tags: access, ceo, ciso, computing, crypto, cryptography, cybersecurity, encryption, firmware, government, Hardware, identity, network, nist, open-source, software, supply-chain, threat, tool, vulnerabilityMissing pieces: Michael Smith, field CTO at DigiCert, noted that the industry is “yet to develop a completely PQC-safe TLS protocol.””We have the algorithms for encryption and signatures, but TLS as a protocol doesn’t have a quantum-safe session key exchange and we’re still using Diffie-Hellman variants,” Smith explained. “This is why the US government in…
-
PoisonSeed outsmarts FIDO keys without touching them
Tags: attack, authentication, ceo, cryptography, exploit, fido, Hardware, login, phishing, vulnerabilityFIDO isn’t broken, just outsmarted: Expel researchers called the campaign a concerning development, given that FIDO keys are often regarded as one of the pinnacles of secure MFA. “While we haven’t uncovered a vulnerability in FIDO keys, IT and SecOps folks will want to sit up and take notice,” they said. “This attack demonstrates how…
-
pqcscan: Open-source post-quantum cryptography scanner
pqcscan is an open-source tool that lets users scan SSH and TLS servers to see which Post-Quantum Cryptography (PQC) algorithms they claim to support. It saves the results in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/14/pqcscan-open-source-post-quantum-cryptography-scanner/
-
What EU’s PQC roadmap means on the ground
Tags: cryptographyIn this Help Net Security interview, David Warburton, Director at F5 Labs, discusses how the EU’s Post-Quantum Cryptography (PQC) roadmap aligns with global efforts and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/10/david-warburton-f5-labs-eu-pqc-roadmap/
-
U.S. House Homeland Security Appropriations Bill Seeks to Modernize Border Infrastructure Security with Proactive OT/IT Security Measures
Tags: ai, attack, awareness, cctv, cisa, cloud, control, cryptography, cyber, cybersecurity, data, defense, detection, fedramp, government, incident response, infrastructure, intelligence, Internet, iot, law, mitigation, monitoring, network, office, privacy, risk, service, strategy, supply-chain, technology, threat, tool, vulnerability, zero-trustThe FY 2026 House Homeland Security Appropriations Bill highlights growing focus in Congress on protecting border infrastructure from cyber threats. The directive to implement continuous monitoring and real-time threat intelligence reflects a broader push toward modern, preventive cybersecurity across federal agencies. As the digital and physical worlds become increasingly intertwined, the technologies used to protect…
-
Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat
Tags: access, advisory, ai, api, attack, authentication, best-practice, cisa, computer, computing, crypto, cryptography, cyber, cybersecurity, data, defense, encryption, exploit, finance, framework, google, governance, government, group, hacker, healthcare, infrastructure, injection, intelligence, Internet, iran, login, mfa, military, mitigation, mitre, network, nist, passkey, password, programming, ransomware, risk, rust, service, software, strategy, tactics, technology, terrorism, threat, tool, training, vulnerability, warfareCheck out the U.S. government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran. Plus, get the latest on ransomware trends, the quantum computing cyber threat and more! Dive into five things that are top of mind for the…
-
The ROI of moving certificate management in-house with internal CAs
Managing certificates in-house using private CAs offers enterprises greater security, compliance, and long-term cost savings. With the shift toward shorter certificate lifespans and rising complexity in modern IT environments, public CAs often fall short. Private CAs empower businesses with agility, automation, and control while supporting post-quantum cryptography and hybrid infrastructure needs. Tools like Sectigo streamline…
-
Post-Quantum World: From Research to Real-World Cryptography
MIT’s Vinod Vaikuntanathan on Post-Quantum Shift, Cryptography’s Role in AI Trust. As the race to build quantum computers intensifies, a parallel transformation is taking place in the field of cryptography. Vinod Vaikuntanathan, professor of computer science at Massachusetts Institute of Technology, believes now is the time to act. First seen on govinfosecurity.com Jump to article:…
-
Securing the Future Together: Why Thales and HPE are the Partners You Can Trust
Tags: access, ai, application-security, banking, business, cloud, compliance, computing, control, cryptography, cyber, cyberattack, data, dora, encryption, GDPR, government, Hardware, healthcare, infrastructure, network, nis-2, PCI, resilience, risk, service, software, strategy, threatSecuring the Future Together: Why Thales and HPE are the Partners You Can Trust madhav Tue, 06/17/2025 – 05:15 Across every industry, data drives decisions, innovation, and growth. As organizations modernize with hybrid cloud and AI, the risks to that data scale are just as fast. From sophisticated cyberattacks to increasingly stringent compliance demands, the…
-
New Trump Cybersecurity Order Reverses Biden, Obama Priorities
The White House put limits on cyber sanctions, killed the digital ID program, and refocused the government’s cyber activities to enabling AI, rolling out post-quantum cryptography, and promoting secure software design. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/trump-cybersecurity-order-reverses-biden-obama-priorities
-
Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture
Tags: access, attack, best-practice, business, cio, ciso, communications, computer, computing, conference, corporate, crypto, cryptography, cyber, cybersecurity, data, defense, email, encryption, finance, government, group, ibm, identity, incident, incident response, infrastructure, jobs, lessons-learned, metric, microsoft, mitre, monitoring, nist, risk, service, strategy, technology, threat, tool, training, update, vulnerability, vulnerability-management, warfareCheck out a new roadmap for adopting quantum-resistant cryptography. Plus, find out how your company can create a better cybersecurity environment. In addition, MITRE warns about protecting critical infrastructure from cyber war. And get the latest on exposure response strategies and on CISO compensation and job satisfaction. Dive into five things that are top of…
-
CISOs urged to push vendors for roadmaps on post-quantum cryptography readiness
No ‘forklift upgrade’ needed: There is a misconception that change is difficult but the task of modernizing systems to make them PQC-ready can be broken down into chunks, advised Anne Leslie, cloud risk and controls leader for EMEA at IBM.”Businesses can only go as fast as partners and suppliers,” Leslie cautioned.Madelein van der Hout, senior…
-
FIPS 140-3 and You, Part Three
Tags: attack, authentication, ccc, compliance, conference, crypto, cryptography, cybersecurity, data, encryption, firmware, Hardware, international, network, nist, side-channel, software, technology, updateFIPS 140-3 and You, Part Three divya Thu, 06/05/2025 – 07:00 Last spring, in the second installment of this blog series, we were excited to announce that our Luna HSM product line was the first HSM in the industry to achieve FIPS 140-3 level 3 validation certificate. This spring, in this third installment, we happily…
-
Cybersecurity’s ‘rare earth’ skills: Scarce, high-value, and critical for future defense
Tags: ai, attack, business, ciso, computing, crypto, cryptography, cyber, cybersecurity, data, defense, detection, intelligence, jobs, programming, risk, skills, strategy, supply-chain, technology, threat, trainingAdvanced threat hunting expertise Like the rarest elements, professionals who can proactively identify novel threats and adversary techniques before they cause damage are scarce and extremely valuable. Why are these skills rare? Many factors have led to this scenario:Complex skill requirements: Effective threat hunters need a unique combination of skills, including deep cyber knowledge, programming…
-
New post-quantum cryptography migration guidance unveiled
Tags: cryptographyFirst seen on scworld.com Jump to article: www.scworld.com/brief/new-post-quantum-cryptography-migration-guidance-unveiled
-
MITRE Outlines Roadmap for Post-Quantum Cryptography Migration
First seen on scworld.com Jump to article: www.scworld.com/brief/mitre-outlines-roadmap-for-post-quantum-cryptography-migration
-
MITRE Releases Roadmap for Transition to Post-Quantum Cryptography
The nonprofit research organization MITRE has unveiled a comprehensive roadmap designed to guide organizations through the critical transition from current cryptographic standards to quantum-resistant algorithms. This strategic framework addresses the emerging threat posed by quantum computing capabilities to existing public-key cryptographic infrastructures, providing detailed implementation timelines and technical specifications for adopting post-quantum cryptographic (PQC) standards…
-
Noisy quantum hardware could crack RSA-2048 in seven days
Research highlights the need for quantum safe cryptography given the speed with which quantum computing is evolving First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625113/Noisy-quantum-hardware-could-crack-RSA-2048-in-seven-days
-
Certified Randomness Uses Quantum Cryptography to Make Stronger Keys
Researchers are using quantum computers to generate keys that are truly random to strengthen data encryption. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/certified-randomnes-squantum-cryptography-stronger-keys
-
95% of Organizations Lack a Quantum Computing Strategy
ISACA Survey: 51% See Cyber Risk Hike; 46% Expect Regulatory, Compliance Challenges. Quantum technology is still emerging, but experts warn that failing to act now could jeopardize future data security. To safeguard tomorrow’s information, organizations must start developing a post-quantum cryptography strategy and upskill their workforce today. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/95-organizations-lack-quantum-computing-strategy-a-28501
-
AI, Quantum and the Evolving Threat Landscape: Key Findings from the Thales 2025 Data Threat Report
Tags: ai, api, attack, authentication, awareness, breach, cloud, compliance, computing, control, crypto, cryptography, data, encryption, guide, malicious, malware, mfa, nist, passkey, phishing, privacy, programming, ransomware, regulation, risk, software, strategy, threat, tool, vulnerabilityAI, Quantum and the Evolving Threat Landscape: Key Findings from the Thales 2025 Data Threat Report madhav Tue, 05/27/2025 – 04:40 The Thales 2025 Data Threat Report reveals a critical inflection point in global cybersecurity. As the threat landscape grows more complex and hostile, the rapid adoption of generative AI is amplifying both opportunity and…