The Strong Case for Interoperability, Part II: Transition

October 16, 2017 / by Chuck White

Back in June, Kevin Mooney wrote an excellent piece on The Strong Case for Interoperability. Getting back to that subject matter, in perhaps not the most ideal of circumstances, we are going to talk about standards, interoperability, and transition as it pertains to resolving systemic issues. This is being driven by faults in 802.11 as described in Mathy Vanhoef’s and Frank Piessens’ paper on key reinstallation attacks released today.

Read more

The Impact of GDPR and What Encryption Can Do About It

September 26, 2017 / by Kevin Mooney

In April 2016, the General Data Protection Regulation was signed into law by the European Parliament and will be enforceable on May 25th 2018. This EU regulation lays out a wide number of policies that require businesses to protect personal data. Companies must have policies and technology controls to securely store or transfer personal data of any person residing in the EU. The way the various articles of the regulation read, this means at a minimum that data needs to be encrypted or made anonymous.

Read more

Adobe Product Security Team Accidentally Leaks PGP Private Key

September 26, 2017 / by Jon Mentzell

Adobe's Product Security Incident Response Team (PSIRT) accidentally posted their private key to the internet allowing anyone with access to either side of a conversation with the PSIRT to be able to decrypt the messages.  The Adobe security team was quick to revoke the PGP key, but it has left people with encrypted messages to Adobe in the clear.  How did it happen?

Read more

Equifax Breach: Making Sense of 'Identity' Theft

September 22, 2017 / by Steve Edwards

Equifax made news recently for being the victim of a hack; their systems were compromised and data was accessed by person(s) that weren’t authorized to have it. Unfortunately, this is not an uncommon occurrence these days. Hacks happen all the time, to companies both large and small. Individual hacks aren’t really noteworthy any more. But what is particularly noteworthy about this incident is the data that was accessed: the personal (and supposed-to-be private) information of roughly half of the US population.

Read more

Forced Features: Why Unwanted Upgrades Are Bad Security

September 15, 2017 / by Matt O'Reilly

The Telephonic Treatment

Like most people who own one, I love my smartphone.  I love that I can use Activator to keep my phone from automatically playing music, even over Bluetooth.  I love that I can select text and move the cursor without leaving the keyboard.  I love having five icons on the dock, speeding up the OS’s animations, and running a terminal session on my phone.

What I don’t love is running an old version of the OS so I don’t lose my jailbreak, and thus, all the above features.

Read more

Fornetix Awarded Patent for Breakthroughs in Encryption Key Management

August 10, 2017 / by Fornetix

Patented solution covers systems and methods for encryption key management, federation, and distribution via an interconnected, orchestrated security ecosystem.

Read more

Data Breach Hits HBO: How Do We End This?

July 31, 2017 / by Kevin Mooney

Today, HBO announced publicly that they have experienced a “cyber incident which resulted in the compromise of proprietary information.” Like many other companies, HBO also stated that “data protection is a top priority” and yet we have seen a common theme that has become more prevalent in recent years. Large companies have trouble protecting their data.

Read more

Fornetix and Cyphre Join Forces to Deliver Advanced Encryption Solutions

July 28, 2017 / by Fornetix

ASHBURN, Virginia, July 28, 2017 – Today, Fornetix® and Cyphre Security Solutions, LLC, a wholly owned subsidiary of RigNet, Inc. (NASDAQ:RNET), announce their strategic partnership to address the importance of approaching data protection in an active, continuous and programmatic way.

Read more

RackTop Teams with Fornetix to Create FIPS 140-2 Level 2 Compliant Encrypted Data Storage Solution

July 27, 2017 / by Fornetix

FULTON, Maryland, July 25, 2017 Today, RackTop Systems announced the immediate availability of its advanced secure encryption service with support for external cryptographic key management powered by Fornetix® Key Orchestration™. The enhancement enables organizations to meet strict data-at-rest encryption requirements while providing effortless, unified management of encryption keys. RackTop's advanced encryption service maintains the highest level of protection by eliminating any human interaction or knowledge of keys, pins, or passwords.

Read more

Amazon S3: Don't Kick the Bucket, Do Something About It

July 20, 2017 / by Chuck White

Over the past several weeks we’ve seen three newsworthy stories where sensitive information finds its way onto Amazon's S3 cloud storage service: NGA, WWE, and Verizon.

Read more
1 2
Page 1 of 2

Subscribe to Email Updates

Recent Posts