Tag: encryption

Underground Ransomware Gang Unleashes Innovative Tactics Targeting Global Organizations

Aug 27, 2025 1:24 PM

Tags: attack, cyber, encryption, group, leak, malware, ransomware, tactics

The Underground ransomware gang has been coordinating recurring attacks on enterprises throughout the globe in a worrying increase in cyber risks. They have demonstrated sophisticated malware engineering that blends cutting-edge encryption techniques with focused penetration measures. First detected in July 2023, the group resurfaced in May 2024 with a revamped Dedicated Leak Site (DLS), where…
TDL003 – Breaking Barriers: IPv6 Adoption and DNS Transformation with Tommy Jensen

Aug 27, 2025 5:23 AM

Tags: access, ai, apple, attack, backup, banking, browser, business, ceo, chrome, ciso, compliance, computer, computing, control, country, credentials, cybersecurity, data, data-breach, ddos, dns, encryption, endpoint, google, government, group, international, Internet, jobs, law, microsoft, mobile, network, phishing, phone, privacy, programming, radius, risk, service, smishing, strategy, switch, technology, threat, update, vpn, windows, zero-trust

Summary This episode of the Defender’s Log features special guest Tommy Jensen, an internet technologist specializing in IPv6, Zero Trust, and standards. Jensen’s career path, from an AppleCare contractor to a key figure in advancing internet technologies, is explored. The discussion highlights the critical importance and challenges of migrating to IPv6 and the necessity of…
Encryption Backdoor in Military/Police Radios

Aug 26, 2025 3:55 PM

Tags: backdoor, encryption, flaw, vulnerability

I wrote about this in 2023. Here’s the story: Three Dutch security analysts discovered the vulnerabilities”, five in total”, in a European radio standard called TETRA (Terrestrial Trunked Radio), which is used in radios made by Motorola, Damm, Hytera, and others. The standard has been used in radios since the ’90s, but the flaws remained…
Jubiläum ESicherheitsspezialist Seppmail ist seit 10 Jahren in Deutschland

Aug 26, 2025 2:54 PM

Tags: encryption, germany, mail

Die Seppmail Deutschland GmbH, ein führender Anbieter für sichere E-Mail-Kommunikation, feiert im August 2025 ihr 10-jähriges Bestehen. Seit 2015 bietet das Unternehmen zuverlässige Lösungen für E-Mail-Verschlüsselung und Datenschutz. Der Anlass würdigt ein Jahrzehnt erfolgreicher Zusammenarbeit mit Kunden, Partnern und Mitarbeitern ein Meilenstein, der nicht nur die kontinuierliche Entwicklung des Unternehmens unterstreicht, sondern auch […] First…
FTC Chair Tells Tech Giants to Hold the Line on Encryption

Aug 25, 2025 10:54 PM

Tags: apple, encryption, finance, government, microsoft

The chairman sent letters out to companies like Apple, Meta, and Microsoft, advising them not to adhere to the demands of foreign governments to weaken their encryption. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ftc-chair-tech-giants-encryption
FTC warns tech giants not to bow to foreign pressure on encryption

Aug 25, 2025 2:54 PM

Tags: data, encryption, finance, government

The Federal Trade Commission (FTC) is warning major U.S. tech companies against yielding to foreign government demands that weaken data security, compromise encryption, or impose censorship on their platforms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ftc-warns-tech-giants-not-to-bow-to-foreign-pressure-on-encryption/
FTC warns tech giants not to bow to foreign pressure on encryption

Aug 25, 2025 2:54 PM

Tags: data, encryption, finance, government

The Federal Trade Commission (FTC) is warning major U.S. tech companies against yielding to foreign government demands that weaken data security, compromise encryption, or impose censorship on their platforms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ftc-warns-tech-giants-not-to-bow-to-foreign-pressure-on-encryption/
How AI is reshaping cybersecurity operations

Aug 25, 2025 9:54 AM

Tags: access, ai, attack, business, ciso, cloud, control, cyber, cybersecurity, data, defense, detection, encryption, finance, gartner, governance, guide, hacker, infrastructure, intelligence, jobs, malware, microsoft, monitoring, phishing, regulation, resilience, risk, sans, service, skills, soc, strategy, supply-chain, technology, threat, tool, training, update

Because AI can perform tasks at speeds that supersede human capacity, it exponentially scales the amount of work that a cybersecurity function can do, says Rob T. Lee, chief of research for AI and emerging threats and head of faculty at SANS Institute.Moreover, AI excels at doing repetitive tasks near perfectly every time, so it…
Ensuring security in a borderless world: The 30th anniversary of Schengen system

Aug 22, 2025 9:54 AM

Tags: access, ai, cloud, compliance, computing, control, country, cyber, cybersecurity, data, dora, encryption, framework, GDPR, infrastructure, mfa, network, nis-2, office, privacy, regulation, resilience, technology, tool, update
The Triple Threats CISOs cannot ignore: A Perfect Storm of Digital Frontlines, Dark AI and Quantum Leaps

Aug 22, 2025 6:54 AM

Tags: ai, ciso, computer, computing, corporate, cyber, cybersecurity, data, deep-fake, email, encryption, firewall, fraud, governance, incident response, intelligence, malicious, penetration-testing, phishing, resilience, risk, scam, service, siem, soc, social-engineering, technology, threat, tool, training, vulnerability

Adrian Hia, Managing Director for Asia Pacific at Kaspersky.Smart Security Operations Centers (SOCs) that leverage AI and real-time analytics to monitor, respond, and adapt to these complex new threats are critical. Adrian Hia further shared, “When incidents occur, response becomes critical. Every minute equates to dollars lost. organisations in Southeast Asia are increasingly relying on…
The Imperative of Tunnel-Free Trusted Cloud Edge Architectures

Aug 21, 2025 10:54 PM

Tags: access, ai, attack, authentication, backup, business, china, cloud, communications, compliance, computing, control, corporate, cyber, cybersecurity, data, data-breach, defense, encryption, endpoint, espionage, finance, framework, GDPR, healthcare, HIPAA, identity, infrastructure, Internet, iot, malicious, military, mobile, network, office, PCI, privacy, radius, regulation, resilience, risk, service, software, strategy, technology, threat, tool, unauthorized, vpn, zero-trust
FTC warns tech companies not to weaken encryption, free speech practices for foreign governments

Aug 21, 2025 8:54 PM

Tags: encryption, finance, government, service

Chair Ferguson cited the E.U.’s Digital Service Act and the U.K.’s Online Safety Act as statutes that incentivize U.S. tech companies “to censor speech, including speech outside of Europe.” First seen on cyberscoop.com Jump to article: cyberscoop.com/ftc-ferguson-tech-companies-weakening-encryption-data-privacy-free-speech/
Enterprise passwords becoming even easier to steal and abuse

Aug 21, 2025 9:55 AM

Tags: access, attack, authentication, breach, ceo, ciso, compliance, control, credentials, cyber, cybersecurity, data, detection, encryption, exploit, extortion, group, identity, leak, mfa, monitoring, passkey, password, phishing, ransomware, risk, strategy, threat, tool, zero-trust

Growing threat from stolen credentials: Attackers actively target user credentials because they offer the most direct route or foothold into a targeted organization’s network. Once inside, attackers can move laterally across systems, searching for other user accounts to compromise, or they attempt to escalate their privileges and gain administrative control.This hunt for credentials extends beyond…
Defending Enterprise Data Against Quantum Encryption Attacks

Aug 20, 2025 2:54 PM

Tags: attack, computer, crypto, cryptography, cybersecurity, data, encryption, linkedin, risk, technology, threat, tool

The quantum cliff is coming. Q-Day is the point in time when quantum computers become powerful enough to break most data encryption. It is inevitable that legacy algorithms will be undermined and the race is on to proactively migrate to modern tools to protect sensitive data. In our latest episode of Cybersecurity Insights, I sat…
Um bei der Nutzung amerikanischer Cloud-Lösungen beim Datenschutz auf Nummer sicher zu gehen, setzen Unternehmen auf Security-Audits, Penetrationstests und Verschlüsselung

Aug 20, 2025 1:54 PM

Tags: cloud, encryption, germany

Über 86 Prozent der Unternehmen in Deutschland planen derzeit konkrete Maßnahmen, um ihre Daten zu schützen und compliant zu sein. Das hat eine von Techconsult im Auftrag von Eperi durchgeführte Umfrage herausgefunden. Diese hat sich mit der Frage beschäftigt, inwieweit heute seitens der Unternehmen Maßnahmen ergriffen werden, um bei der Nutzung von US-Cloud-Lösungen die Einhaltung…
UK Retreats on Apple Encryption Backdoor Demand Following US Pressure

Aug 20, 2025 12:53 PM

Tags: apple, backdoor, encryption, government, intelligence

US director of national intelligence, Tulsi Gabbard, stated that her government persuaded the UK to withdraw its controversial demand First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-retreats-apple-encryption/
Automation Alert Sounds as Certificates Set to Expire Faster

Aug 19, 2025 10:54 PM

Tags: automation, crypto, encryption

Maximum Validity of Public TLS Certificates Will Drop From 398 Days to Just 47 Days. The future of managing digital certificates is already here – it’s just not evenly distributed yet. With the public TLS certificate validity period set to drop to just 47 days, as well as the need to migrate to quantum-safe encryption,…
New security features beef up Google Cloud Platform

Aug 19, 2025 6:54 PM

Tags: access, ai, attack, authentication, cloud, compliance, computing, control, credentials, data, defense, detection, encryption, finance, google, governance, group, iam, incident response, intelligence, least-privilege, monitoring, network, privacy, RedTeam, risk, service, soar, soc, technology, threat, tool, unauthorized, update, vulnerability, waf, zero-trust

CSO in an email.”One of the biggest security improvements that we’re announcing is within our AI Protection solution [part of a customer’s GCP Security Command Center]. As organizations rapidly adopt AI, we’re developing new capabilities to help them keep their initiatives secure.”These include new capabilities for automated discovery of AI agents and Model Context Protocol…
UK ‘agrees to drop’ demand over Apple iCloud encryption, US intelligence head claims

Aug 19, 2025 2:54 PM

Tags: apple, encryption, intelligence

The United Kingdom is backing down from a controversial legal demand targeting Apple, U.S. Director of National Intelligence Tulsi Gabbard claimed on social media. First seen on therecord.media Jump to article: therecord.media/uk-agrees-drop-apple-encryption
US says UK has agreed to drop encryption ‘back door’ demands against Apple

Aug 19, 2025 2:54 PM

Tags: apple, encryption, service

US and UK end diplomatic row over UK encryption ‘back door’ order against Apple, but it remains unclear whether Apple will restore advance encryption services to UK users First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629434/US-says-UK-has-agreed-to-drop-encryption-back-door-demands-against-Apple
Cooking with Code: A DevOps Kitchen Secured by Thales

Aug 19, 2025 1:54 PM

Tags: access, ai, api, cctv, cloud, compliance, control, data, encryption, GDPR, identity, infrastructure, injection, least-privilege, malicious, mfa, military, monitoring, PCI, service, software, strategy, tool, waf, zero-day, zero-trust

Cooking with Code: A DevOps Kitchen Secured by Thales madhav Tue, 08/19/2025 – 05:13 In today’s hyperconnected digital world, deploying applications is a lot like running a high-performance, Michelin-star kitchen. You need the right setup, a disciplined process, and seamless coordination, where every tool, role, and task moves in harmony, executed flawlessly. Speed and precision…
U.K. Government Drops Apple Encryption Backdoor Order After U.S. Civil Liberties Pushback

Aug 19, 2025 1:54 PM

Tags: access, apple, backdoor, data, encryption, government, intelligence

The U.K. government has apparently abandoned its plans to force Apple to weaken encryption protections and include a backdoor that would have enabled access to the protected data of U.S. citizens.U.S. Director of National Intelligence (DNI) Tulsi Gabbard, in a statement posted on X, said the U.S. government had been working with its partners with…
US spy chief claims UK backed down over Apple backdoor demand

Aug 19, 2025 11:54 AM

Tags: apple, backdoor, encryption, iphone, spy

Tulsi Gabbard boasts Washington forced Blighty to drop iPhone encryption fight First seen on theregister.com Jump to article: www.theregister.com/2025/08/19/uk_apple_backdoor_uturn/
Lockbit Linux ESXi Ransomware Variant Reveals Evasion Techniques and File Encryption Process

Aug 19, 2025 10:54 AM

Tags: cyber, encryption, linux, lockbit, malware, ransomware, reverse-engineering

A recent reverse engineering analysis of a Lockbit ransomware variant targeting Linux-based ESXi servers has uncovered several sophisticated evasion techniques and operational details. The malware, first documented in 2022, employs the ptrace system call to detect debugging environments by attempting to attach to its parent process. If this fails typically due to an existing tracer…
(g+) Verschlüsselung auf Datenbankebene: Wie Daten selbst bei physischem Zugriff geschützt werden

Aug 18, 2025 2:54 PM

Tags: access, data, encryption

Wir zeigen, wie mittels Transparent Data Encryption vertrauliche Informationen wirksam vor Unbefugten geschützt werden – sogar bei Zugriff auf Back-ups oder Datenbanken. First seen on golem.de Jump to article: www.golem.de/news/verschluesselung-auf-datenbankebene-wie-daten-selbst-bei-physischem-zugriff-geschuetzt-werden-2508-198929.html
PQC-Umstellung: Worauf es bei der Einführung hybrider Verschlüsselungsverfahren ankommt

Aug 12, 2025 3:12 PM

Tags: encryption, tool

Mit einem leistungsfähigen PKI-Management-Tool lassen sich bestehende Verschlüsselungsstrukturen vollständig erfassen, analysieren und schrittweise auf PQC- oder Hybridverfahren umstellen. So kann auch in hochsensiblen Systembereichen mit strengen Anforderungen an Betriebskontinuität und Sicherheit eine zukunftssichere Verschlüsselung erfolgreich umgesetzt werden. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/pqc-umstellung-worauf-es-bei-der-einfuehrung-hybrider-verschluesselungsverfahren-ankommt/a41677/
Digitale Souveränität für Deutschland vorerst unerreichbar

Aug 12, 2025 12:12 PM

Tags: access, ai, bsi, chatgpt, china, cloud, computer, cyersecurity, encryption, germany, google, governance, government, hacker, injection, Internet, risk, strategy, update, usa

BSI-Präsidentin Plattner: “Wir haben technologische Abhängigkeiten an ganz vielen Stellen.” Jan WaßmuthSeine Abhängigkeit von Cloud-Lösungen, KI-Modellen und anderen Tech-Produkten aus dem Ausland wird Deutschland nach Einschätzung des Bundesamtes für Sicherheit in der Informationstechnik (BSI) so bald nicht überwinden. Da der Staat seine digitalen Systeme und Daten bis auf weiteres nicht ohne Input aus dem außereuropäischen…
Researchers cracked the encryption used by DarkBit ransomware

Aug 12, 2025 12:12 PM

Tags: cybersecurity, encryption, ransomware

Researchers at cybersecurity firm Profero cracked DarkBit ransomware encryption, allowing victims to recover files for free. Good news for the victims of the DarkBit ransomware, researchers at cybersecurity firm Profero cracked the encryption process, allowing victims to recover files for free without paying the ransom. However, at this time, the company has yet to release…
Royal Enfield Reportedly Targeted in Ransomware Attack, Hackers Claim Data Encryption

Aug 12, 2025 12:12 PM

Tags: attack, backup, breach, cyber, cybersecurity, data, encryption, hacker, ransomware

Royal Enfield, the storied motorcycle manufacturer celebrated for its classic designs and global fan base, is reportedly grappling with a significant cybersecurity breach. A hacker collective posted a “Complete Breach Notice” on an underground forum, claiming full system compromise at Royal Enfield Corporation. According to the notice, all servers have been encrypted and backups wiped,…
From Risk to ROI: How Security Maturity Drives Business Value

Aug 12, 2025 10:12 AM

Tags: access, ai, breach, business, cloud, compliance, control, cyber, cybersecurity, data, detection, encryption, exploit, finance, framework, GDPR, governance, government, healthcare, incident response, infrastructure, insurance, intelligence, monitoring, nist, privacy, ransomware, regulation, resilience, risk, risk-assessment, risk-management, service, software, strategy, threat, tool, unauthorized, vulnerability

From Risk to ROI: How Security Maturity Drives Business Value madhav Tue, 08/12/2025 – 04:30 Cyber threats are like moving targets”, constantly evolving and increasingly pervasive. In a hyper-connected world, no individual, industry, or organization is immune. The threat landscape presents a serious and persistent challenge for governments, businesses, critical infrastructure, and individuals alike. Many…