On the IoT road: perks, benefits and security of moving smartly

This year, we decided to continue our tradition of small-scale experiments with security of connected devices but focused on the automotive-related topic. We randomly took several different automotive connected devices (a couple of auto scanners, a dashboard camera, a GPS tracker, a smart alarm system, a pressure and temperature monitoring system) and reviewed their security setup.

July 22, 2019

Slack response. Passwords reset four years after data breach

July 19, 2019

In March 2015, Slack announced that it had been hacked the previous month, and that a central user database holding “usernames, email addresses, and one-way encrypted (‘hashed’) passwords” had been accessed. In some instances, phone numbers and Skype IDs were also exposed. Slack said that it had “no indication that the hackers were able to decrypt stored passwords”. At the time I questioned whether Slack had really announced the breach…


Breathe Deeply: DHS warns of Flaw in Hospital Anesthesia Machines

GE learned of a serious vulnerability affecting two brands of anesthesia machines in October. The company on Tuesday advised customers to take steps to protect them from being remotely tampered with. The U.S. Department of Homeland Security on Tuesday warned that a serious and remotely exploitable security hole has been found in two anesthesia devices made by GE Healthcare. DHS issued an ICS Medical Advisory (ICSMA-19-190-01) Tuesday for the GE…

July 11, 2019

Key Blocks 101

The PCI PIN Security Requirements and Testing Procedures (PCI PIN Security Standard) require implementation of Key Blocks.  On the blog, we cover basic questions about this security method and how it helps secure payment data.

July 9, 2019

12 Global Data Protection Trends Keeping CEOs More Secure

July 9, 2019 12 Global Data Protection Trends Keeping CEOs More Secure Author : Raajveer Loyal As cyber-security breaches increase in frequency and severity year on year, CEO’s could soon serve prison terms if an employee from his or her organization unknowingly clicks on a malicious link. The following is a look at 12 global encryption trends that could potentially eliminate CEO’s being held accountable for harmful security incidents outside…

July 9, 2019

Hackers are poisoning the PGP SKS keyserver network poisoned

Threat actors targeted two high-profile PGP project contributors with the intent to poison certificates used by the SKS keyserver network.  Contributors to the PGP protocol GnuPG claim that threat actors are “poisoning” their certificates, this means that attackers spam their certificate with a large number of signatures. The intent is to make it impossible for […]

The post Hackers are poisoning the PGP SKS keyserver network poisoned appeared first on Security Affairs.

July 8, 2019

Protect sensitive information with Seqrite Encryption

Among the most important assets that an enterprise possesses, data is undoubtedly the most important. In today’s digital age, there are reams of data being processed, transmitted and disseminated every millisecond and much of the world’s economy runs on data. Hence, organizations must take every possible measure when it comes to safeguarding this precious data. […]

The post Protect sensitive information with Seqrite Encryption appeared first on Seqrite Blog.

July 3, 2019

Google Releases Basic Homomorphic Encryption Tool

Google has released an open-source cryptographic tool: Private Join and Compute. From a Wired article: Private Join and Compute uses a 1970s methodology known as "commutative encryption" to allow data in the data sets to be encrypted with multiple keys, without it mattering which order the keys are used in. This is helpful for multiparty computation, where you need to…

July 2, 2019