Encryption news, analysis, research, how-to, opinion, and video.

Common crypto mistakes criminals makes
malware keyboard security bug virus

best tools email encryption 1

GPG Sync simplifies encryption key management

Open source project GPG Sync makes it easier for organizations already using GPG to encrypt email messages to manage different user keys


12 hardware and software vulnerabilities you should address now

Hardware and software that live past their end-of-life dates pose serious risks to organizations. Find out which assets you should update, upgrade, or replace ASAP

Digital Key, security, encryption

Encrypted communications could have an undetectable backdoor

Security researchers warn about the use of standardized or hard-coded primes in existing cryptosystems

apple campus headquarters stock

After Mozilla inquiry, Apple untrusts Chinese certificate authority

After an upcoming update MacOS and iOS will not trust new certificates issued by WoSign

Firefox, Mozilla

Firefox blocks websites with vulnerable encryption keys

Users will receive an error when trying to access web servers that use weak Diffie-Hellman key exchange with weak keys

keys ring of old antique keys stock

The best online backup service for securely encrypting your data

Find out which ones give you more (or less) control over your data

Vinton Cerf Heidelberg Laureate Forum

Vint Cerf's dream do-over: 2 ways he'd make the internet different

'I doubt I could have gotten away with either one,' says the father of the internet

managed security service providers

Lockdown! Harden Windows 10 for maximum security

To make the most of Windows 10's security improvements, you must target the right edition and hardware for your needs


New Google API cryptographically secures Chromebooks

The Verified Access API uses the Trusted Platform Module to cryptographically identify and assess the security posture of Chrome OS devices

quantum computing KryptAll

Why quantum computing has the cybersecurity world white-knuckled

'There is a pending lethal attack, and the clock is ticking,' a new report warns

light switch power on off

How to turn on HTTPS company-wide in one swoop

The GSA's effort to get all federal websites and services to use HTTPS reveals some points to keep in mind for your own switchover

cyber attack stock image

New collision attacks against triple-DES, Blowfish break HTTPS sessions

Legacy ciphers such as triple-DES and Blowfish are vulnerable to Sweet32 attacks, which let attackers decrypt HTTPS sessions even without the encryption key

clicks pageviews traffic denial of service ddos attack

Poorly configured DNSSEC servers at root of DDoS attacks

Admins need to ensure that their DNSSEC domains are properly set up -- which can be easier said than done

party favors

6 security advances worth celebrating

In a world besieged by criminal hackers, we'll take all the good security news we can get. Here are six advances that can improve your defenses

New features in Windows 10 laptop

Respect: Windows 10 security impresses hackers

Windows is a popular attack target for criminals and researchers alike, but Microsoft has done a good job of making it harder to target security flaws in the OS

keys ring of old antique keys stock

AWS to enterprises: Bring your own encryption

AWS Key Management Service offers a plus for enterprises that want the benefits of local key management as a service without ceding control

Closeup of burglar criminal trying to break in chain locked door

Secure Boot proves insecurity of backdoors

Microsoft's Secure Boot prevents unauthorized software from running on Windows systems, but a leaked superpolicy bypasses those restrictions

penguin linux open source crystal ball predict future

SHA-2 shortcut: Easy certificate management for Linux

Due to the rollover from SHA-1 to SHA-2, a ton of digital certificate work is needed. With CertAccord, it's as easy to do on Linux as on Windows

Load More