CISA: Use Signal or other secure communications app

In the wake of the widespread compromise of US telecom giants’ networks by Chinese hackers and the FBI advising Americans to use end-to-end encrypted communications, CISA is advising “highly targeted individuals” – senior govern… Continue reading CISA: Use Signal or other secure communications app

Police takes down Matrix encrypted chat service used by criminals

A joint investigation team involving French and Dutch authorities has taken down Matrix, yet another end-to-end encrypted chat service created for criminals. Matrix (Source: Dutch Police) The Matrix encrypted chat service Matrix – also know as Ma… Continue reading Police takes down Matrix encrypted chat service used by criminals

Ghost: Criminal communication platform compromised, dismantled by international law enforcement

Another encrypted communication platform used by criminals has been dismantled and its alleged mastermind arrested, the Australian Federal Police has announced on Tuesday. “AFP Operation Kraken charged a NSW man, aged 32, for creating and adminis… Continue reading Ghost: Criminal communication platform compromised, dismantled by international law enforcement

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)

CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation. Details about the attacks are still unknown, but there may be more in the near future: Horizon3.ai researchers have publis… Continue reading PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)

Signal takes a quantum leap with E2EE protocol upgrade

Signal has announced an upgrade to its end-to-end encryption (E2EE) protocol to protect users of its popular messaging app from encryption-breaking attacks through quantum computers. Getting ready for quantum computing “Quantum computing represen… Continue reading Signal takes a quantum leap with E2EE protocol upgrade

Google Chrome will lose the “lock” icon for HTTPS-secured sites

In September 2023, Google Chrome will stop showing the lock icon when a site loads over HTTPS, partly due to the now ubiquitous use of the protocol. The misunderstood Lock icon It took many years, but the unceasing push by Google, other browser makers … Continue reading Google Chrome will lose the “lock” icon for HTTPS-secured sites

New algorithm may change the future of secure communication

Researchers have made a significant breakthrough in secure communication by developing an algorithm that conceals sensitive information so effectively that it is impossible to detect anything hidden. The team, led by the University of Oxford in close c… Continue reading New algorithm may change the future of secure communication

Crypto audit of Threema revealed many vulnerabilities

Researchers have discovered cryptographic vulnerabilities in Swiss-based secure messaging application Threema that may have allowed attackers to do things like break authentication or recover users’ long-term private keys. The vulnerabilities have been… Continue reading Crypto audit of Threema revealed many vulnerabilities

1,900 Signal users exposed following Twilio breach

The attacker behind the recent Twilio data breach may have accessed phone numbers and SMS registration codes for 1,900 users of the popular secure messaging app Signal. “Among the 1,900 phone numbers, the attacker explicitly searched for three nu… Continue reading 1,900 Signal users exposed following Twilio breach

How Sky Global was Indicted for Selling Security

The point of security is to control your data. You get to decide who sees data and who does not. Both encryption and access control are designed to permit authorized people to access files, data, networks or devices and keep unauthorized people from g… Continue reading How Sky Global was Indicted for Selling Security