Encryption | CISA

Encryption ensures effective security where information cannot be intercepted and used to hinder emergency response or endanger responders and the public. The public safety community increasingly needs to protect critical information and sensitive data, particularly within land mobile radio (LMR) communications, and encryption is the best available tool to achieve that security. The resources below provide best practices and considerations for planning, implementing, and securely operating encryption with public safety communications.

Encryption in Three Minutes VideoDrawn from interviews with emergency communications practitioners nationwide, Encryption in Three Minutes presents an overview of LMR encryption in public safety operations. The video outlines encryptions role in protecting sensitive tactical and operational communications as well as the personal identifiable information and medical status of civilian patients during emergencies. Discussion focuses on implementing a practical, reliable encryption system while preserving interoperability with mutual aid partners and outside agencies. Special attention is given to selecting the most secure encryption algorithm. It is an ideal brief overview of LMR encryption aimed at community leaders and public safety administrators, officials, and responders.

Guidelines for Encryption in Land Mobile Radio SystemsAs a result from a number of security risk and vulnerability assessments, the public safety community has recognized the increasing effort to protect sensitive information transmitted over its wireless communications systems. The purpose of this document is to provide information that should be considered when evaluating encryption solutions to minimize the possibility of sensitive information being monitored, but are concerned with the cost of standards compliant encryption.

Best Practices for Encryption in P25 Public Safety Land Mobile Radio SystemsThis document addresses methods to improve cross-agency coordination and emphasizes the use of standards-based encryption to enhance secure interoperability and minimize the risk of compromising sensitive information.

Best Practices for Encryption in P25 Public Safety Land Mobile Radio Systems - Developing Methods to Improve Encrypted Interoperability in Public Safety (Fact Sheet)This document highlights best practices of key management necessary to allow encrypted operability and interoperability. These best practices are important in developing system security where encrypted interoperability is realizable. Additionally, significant planning and coordination must be undertaken to achieve encrypted interoperability on a national scale.

Considerations for Encryption in Public Safety Radio SystemsThis document examines the complex issues of why encryption may be needed during critical operations of an urgent or time-sensitive nature or when open communications may not be sufficient to protect personally identifiable and/or sensitive information. This document provides guidance to public safety users through a process to assess the need for encryption as well as the questions that must be considered.

Considerations for Encryption in Public Safety Radio Systems - Determining the Need for Encryption in Public Safety Radios (Fact Sheet)This document provides a high-level overview of all the factors public safety agencies and departments should thoroughly discuss and carefully considered before reaching a decision to encrypt their public safety radio systems.

Encryption Key Management Fact SheetDeveloped by SAFECOM and NCSWIC, in collaboration with the Federal Partnership for Interoperable Communications (FPIC), this fact sheet educates public safety organizations on how to effectively manage cryptographic keys for their radio systems.The ability for unauthorized persons to listen in on confidential and tactical information in radio transmissions has led many of these agencies to encrypt some or all radio transmissions. The document provides an overview of the various considerations for agencies desiring to encrypt their radios; summarizes what is involved in encryption and encryption key management; specifies which types of encryption are safest for use; and outlines why encryption key management is important.

Guidelines for Encryption in Land Mobile Radio Systems - Determining what Encryption Method to Use for Public Safety RadiosThis document discusses methods that may be used to ensure the privacy of sensitive public safety LMR communications. These methods mainly involve the use of a variety of encryption techniques.

Operational Best Practices for Encryption Key ManagementDeveloped by the FPIC, in collaboration with SAFECOM and NCSWIC, this document provides public safety organizations that have chosen to encrypt their radio transmissions with information on how to effectively obtain, distribute, and manage cryptographic keys. The document discusses the various types of encryption, how to obtain encryption keys, how to store them, and why it is important to periodically change encryption keys while still maintaining interoperability with partner agencies. This document, and the accompanying Encryption Key Management Fact Sheet, were published to guide public safety communications professionals on effectively managing encryption keys.

Communications Security Protecting Critical Information, Personnel, and Operations White PaperCommunications Security (COMSEC) is an integrated set of policies, procedures, and technologies for protecting sensitive and confidential information, which, if compromised, could put responders and citizens safety and privacy at risk. This white paper summarizes the threats and draws on established COMSEC principles to describe reliable approaches to secure information. It highlights encryption of message traffic, with special emphasis on maintaining interoperability through careful planning, coordination, and selection of a standard encryption algorithm.

Read the rest here:
Encryption | CISA

Meta, Twitter, Apple, Google urged to up encryption game in post-Roe America – The Register

Facebook, Twitter, Google, Apple, and others today faced renewed pressure to protect the privacy of messaging app users seeking healthcare treatment.

Now that America has entered its post-Roe era, in which more than a dozen states have banned abortion, digital rights advocacy group Fight for the Future has called on tech companies to implement strong on-by-default end-to-end encryption (E2EE) across their messaging services to secure users' communications, and prevent conversations from being shared with police and others.

Crucially, campaigners want to ensure that people's chats discussing procedures outlawed at the state level can't be obtained by the cops and used to build a criminal case against them.

"When our messages are protected from interlopers, we can communicate freely, without the fear of being watched," said Caitlin Seeley George, Fight for the Future's campaigns and managing director, in a statement.

Tech companies are throwing their users to the wolves by allowing company employees, cops, and other third parties to access unprotected messages

"After the reversal of Roe v. Wade and with more rights cutbacks on the way, tech companies are throwing their users to the wolves by allowing company employees, cops, and other third parties to access unprotected messages."

In theory, E2EE should prevent anyone other than the two (or more) people involved in the private conversation from accessing its contents. This means that, for example, if the Facebook chats between a Nebraska teen daughter and her mom about an abortion had instead happened on a service like Signal or Meta's WhatsApp, both of which use E2EE by default, then Meta, even when served with a subpoena to turn over the private conversations, would not have been able to access their contents.

Meta, for its part, has committed to enabling default E2EE on both Messenger and Instagram "sometime in 2023," according to Meta spokesperson Alex Dziedzan.

Right now, customers have the option to enable the optional feature on both services, he added.

"The challenge for us is twofold," Dziedzan told The Register. "It's a technical one as well as a human-rights one."

Meta delivers 160 billion messages everyday across its Messenger, Instagram, and WhatsApp services, he said."Considering the size and scale, we can't afford to create a situation where messages get lost or the system falls down," Dziedzan said.

The second element, he added, addresses human rights. "How do we build end-to-end encryption in a thoughtful, critical manner? Are we building tools with enough safety for people, so they have the ability to block people? It's a massive engineering task it's not just flipping a switch," Dziedzan said.

Massive engineering task is right: Facebook staff aren't even sure where exactly people's data is stored, due to the sprawling distributed nature of the social network, which is used by billions of people every month.

Aside from Meta, none of the other messaging services responded to The Register's inquiries about their plans for E2EE.

This includes Twitter, which hasn't announced plans to implement encryption. This year it emerged that Twitter had suffered a security snafu that exposed Twitter account IDs linked to phone numbers and email addresses of a reported 5.4 million users. And, more recently, its former security boss alleged that about half of Twitter's roughly 10,000 staff have access to live production systems and user data, and that some staff quietly installed spyware on their computers on behalf of foreign intelligence.

Apple also did not respond to The Register's questions. While iMessage texts are end-to-end encrypted by default when sent between iPhones, messages between iPhone and Android devices don't use E2EE.

Google has called on Apple to "fix texting" by adopting Rich Communications Services (RCS), a protocol used by most mobile industry vendors but not the iPhone maker. So far that campaign hasn't worked.

RCS originally did not include E2EE, but Google Messages added support in late 2020; Group messages got E2E encryption this year. Google Chat, however, is not end-to-end encrypted.

Discord, which also does not use E2EE for messaging, did not respond to The Register's unencrypted requests for comments, either.

A Slack spokesperson, in an email to The Register, noted that while not E2EE, it does encrypt data at rest and data in transit.

"We also offer EKM (Enterprise Key Management), a security add-on for Slack Enterprise Grid that allows organizations to manage their own encryption keys using Amazon Key Management Service (KMS)," the spokesperson wrote.

"Slack will not share customer data with government entities or third parties unless we're legally obligated to do so and we make it our practice to challenge any unclear, overbroad, or inappropriate requests."

Go here to read the rest:
Meta, Twitter, Apple, Google urged to up encryption game in post-Roe America - The Register

Spyware and surveillance: Threats to privacy and human rights growing, UN report warns – OHCHR

GENEVA (16 September 2022) Peoples right to privacy is coming under ever greater pressure from the use of modern networked digital technologies whose features make them formidable tools for surveillance, control and oppression, a new UN report has warned. This makes it all the more essential that these technologies are reined in by effective regulation based on international human rights law and standards.

The report the latest on privacy in the digital age by the UN Human Rights Office* looks at three key areas: the abuse of intrusive hacking tools (spyware) by State authorities; the key role of robust encryption methods in protecting human rights online; and the impacts of widespread digital monitoring of public spaces, both offline and online.

The report details how surveillance tools such as the Pegasus software can turn most smartphones into 24-hour surveillance devices, allowing the intruder access not only to everything on our mobiles but also weaponizing them to spy on our lives.

While purportedly being deployed for combating terrorism and crime, such spyware tools have often been used for illegitimate reasons, including to clamp down on critical or dissenting views and on those who express them, including journalists, opposition political figures and human rights defenders, the report states.

Urgent steps are needed to address the spread of spyware, the report flags, reiterating the call for a moratorium on the use and sale of hacking tools until adequate safeguards to protect human rights are in place. Authorities should only electronically intrude on a personal device as a last resort to prevent or investigate a specific act amounting to a serious threat to national security or a specific serious crime, it says.

Encryption is a key enabler of privacy and human rights in the digital space, yet it is being undermined. The report calls on States to avoid taking steps that could weaken encryption, including mandating so-called backdoors that give access to peoples encrypted data or employing systematic screening of peoples devices, known as client-side scanning.

The report also raises the alarm about the growing surveillance of public spaces. Previous practical limitations on the scope of surveillance have been swept away by large-scale automated collection and analysis of data, as well as new digitized identity systems and extensive biometric databases that greatly facilitate the breadth of such surveillance measures.

New technologies have also enabled the systematic monitoring of what people are saying online, including through collecting and analysing social media posts.

Governments often fail to adequately inform the public about their surveillance activities, and even where surveillance tools are initially rolled out for legitimate goals, they can easily be repurposed, often serving ends for which they were not originally intended.

The report emphasises that States should limit public surveillance measures to those strictly necessary and proportionate, focused on specific locations and time. The duration of data storage should similarly be limited. There is also an immediate need to restrict the use of biometric recognition systems in public spaces.

All States should also act immediately to put in place robust export control regimes for surveillance technologies that pose serious risks to human rights. They should also ensure human rights impact assessments are carried out that take into account what the technologies in question are capable of, as well as the situation in the recipient country.

Digital technologies bring enormous benefits to societies. But pervasive surveillance comes at a high cost, undermining rights and choking the development of vibrant, pluralistic democracies, said Acting High Commissioner for Human Rights Nada Al-Nashif.

In short, the right to privacy is more at risk than ever before, she stressed. This is why action is needed and needed now.

See the original post:
Spyware and surveillance: Threats to privacy and human rights growing, UN report warns - OHCHR

Empress EMS Announces Data Breach Leaking the Sensitive Information of 318,558 People – JD Supra

On September 9, 2022, Empress EMS reported a data breach with the U.S. Department of Health and Human Services Office for Civil Rights after the company was the victim of what appears to have been a ransomware attack. According to Empress EMS, the breach resulted in the names, Social Security numbers, dates of service and insurance information of 318,558 patients being compromised. Recently, Empress EMS sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.

News of the Empress EMS comes from the companys official filing with the U.S. Department of Health and Human Services Office for Civil Rights as well as a notice posted on the companys website. According to these sources, on July 14, 2022, Empress EMS detected a network security incident, apparently when some or all of the companys computer system was encrypted. In response, the company reported the incident to law enforcement, secured its systems, and began working with third-party data security experts to conduct an investigation.

The companys investigation confirmed that an unauthorized party first gained access to the Empress EMS system on May 26, 2022 and subsequently copied files from the network on July 13, 2022.

Upon discovering that sensitive consumer data was accessible to an unauthorized party, Empress EMS then reviewed the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, the date you received service from Empress EMS, your Social Security number, and your insurance information.

On September 9, 2022, Empress EMS sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident. According to the U.S. Department of Health and Human Services Office for Civil Rights, these letters were sent out to 318,558 people. Empress EMS is offering all people impacted by the breach with free credit monitoring and is recommending they review their healthcare statements for accuracy and contact their provider if they see services they did not receive.

Founded in 1985, Empress EMS is an ambulance services company based in Yonkers, New York. The company provides 911 emergency medical response transportation to Yonkers and neighboring communities. Additionally, Empress EMS has emergency and non-emergency response contracts throughout Westchester County with districts, hospitals, correctional institutions and private care facilities. Empress EMS employs more than 204 people and generates approximately $17 million in annual revenue.

The Empress EMS filing with the U.S. Department of Health and Human Services Office for Civil Rights did not get into too much detail about the nature of the breach. However, the company provided some additional information in a letter posted on the Empress EMS website. There, the company noted that the data breach was caused by a network incident resulting in the encryption of some of our systems.

Encryption is a process that encodes files, making them inaccessible to anyone without the encryption key (which is usually a password). People encrypt files every day to protect sensitive data from unauthorized access. However, cybercriminals also use encryption when carrying out certain types of cyberattacksusually ransomware attacks.

A ransomware attack is a type of cyberattack that occurs when a hacker or other bad actor installs malware on a companys computer network. Hackers frequently do this by sending a phishing email to an employee in hopes of getting them to click on a malicious link. Once the employee clicks on the link, it downloads the malware onto their computer. The malware then encrypts the files on the computer and may infect other parts of the network. The hackers then send management a message, demanding it pays a ransom if it wants access to its network. Once the company pays the ransom, the hackers decrypt their computer, which ends the attackat least from the companys perspective.

However, more recently hackers have started to threaten to publish any stolen data if a company refuses to pay the ransom. Once on the dark web, cybercriminals can bid on the data, which they can then use to commit identity theft and other frauds. Of course, while companies that are targeted in a ransomware attack are victims in some sense, the real victims of these attacks are the consumers whose information ends up in the hands of those looking to commit fraud.

So, while Empress EMS did not mention the words ransomware attack in its communications, because we know it involved the encryption of the companys system, there is a good chance that this was caused by a ransomware attack.

Companies not only have the resources to pay an occasional ransom, but they also have the ability (and responsibility) to implement strong data security systems designed to prevent these attacks in the first place. Victims of a data breach who would like to learn how to reduce the risk of identity theft or learn about their options to hold the company that leaked their information accountable should contact a data breach lawyer as soon as possible.

If you are one of the more than 318,000 people who were affected by the Empress EMS data breach, it is imperative that you understand what is at stake and how you can mitigate these risks. If you or a loved one received services from Empress EMS and have not yet received a letter, you can review a copy of the letter here.

Read the original here:
Empress EMS Announces Data Breach Leaking the Sensitive Information of 318,558 People - JD Supra

Microchip Unveils Industrys First Terabit-Scale Secure Ethernet PHY Family with Port Aggregation for Enterprise and Cloud Interconnect – Yahoo Finance

Microchip Technology Inc.

META-DX2+ enables OEMs to double router and switch system capacities with 112G PAM4 connectivity for 800G ports, adds encryption and Class C/D precision timing

CHANDLER, Ariz., Sept. 19, 2022 (GLOBE NEWSWIRE) -- The demand for increased bandwidth and security in network infrastructure driven by growth in hybrid work and geographical distribution of networks is redefining borderless networking. Led by AI/ML applications, the total port bandwidth for 400G (gigabits per second) and 800G is forecasted to grow at an annual rate of over 50%, according to 650 Group. This dramatic growth is expanding the transition to 112G PAM4 connectivity beyond just cloud data center and telecom service provider switches and routers to enterprise Ethernet switching platforms. Microchip Technology Inc. (NASDAQ: MCHP) is responding to this market inflection with the META-DX2 Ethernet PHY (physical layer) portfolio by introducing a new family of META-DX2+ PHYs. These are the industrys first solution set to integrate 1.6T (terabits per second) of line-rate end-to-end encryption and port aggregation to maintain the most compact footprint in the transition to 112G PAM4 connectivity for enterprise Ethernet switches, security appliances, cloud interconnect routers and optical transport systems.

The introduction of four new META-DX2+ Ethernet PHYs demonstrates our commitment to supporting the industry transition to 112G PAM4 connectivity powered by our META-DX retimer and PHY portfolio. In conjunction with our META-DX2L retimer, we now offer a complete chipset for all connectivity needs from retiming, gearboxing, to advanced PHY functionality, said Babak Samimi, corporate vice president of Microchips communications business unit. By offering both hardware and software footprint compatibility, our customers can leverage architectural designs across their enterprise, data center, and service provider switching and routing systems that can offer pay-as-you-need enablement of advanced features including end-to-end security, multi-rate port aggregation, and precision timestamping via a software subscription model.

The META-DX2+s configurable 1.6T datapath architecture outperforms the next near competitors by 2x in total gearbox capacity and hitless 2:1 protection switch mux modes enabled by its unique ShiftIO capability. The flexible XpandIO port aggregation capabilities optimize router/switch port utilization when supporting low-rate traffic. Also, the devices include IEEE 1588 Class C/D Precision Time Protocol (PTP) support for accurate nanosecond timestamping required for 5G and enterprise business critical services. By offering a portfolio of footprint-compatible retimer and advanced PHYs with encryption options, Microchip enables developers to expand their designs to add MACsec and IPsec based on a common board design and Software Development Kit (SDK).

META-DX2+ differentiated capabilities include:

Dual 800 GbE, quad 400 GbE and 16x 100/50/25/10/1 GbE MAC/PHY

Integrated 1.6T MACsec/IPsec engines that offload encryption from packet processors so systems can more easily scale up to higher bandwidths with end-to-end security

Greater than 20% board savings compared to competing solutions that require two devices to deliver the same 1.6T gearbox and hitless 2:1 mux modes

XpandIO enables port aggregation of low-rate Ethernet clients over higher speed Ethernet interfaces, optimized for enterprise platforms

ShiftIO feature combined with a highly configurable integrated crosspoint enables flexible connectivity between external switches, processors, and optics

Device variants with 48 or 32 Long Reach (LR) capable 112G PAM4 SerDes including programmability to optimize power vs. performance

Support for Ethernet, OTN, Fibre Channel and proprietary data rates for AI/ML applications

As the industry transitions to a 112G PAM4 serial ecosystem for high-density routers and switches, line-rate encryption and efficient use of port capacity becomes increasingly important, said Alan Weckel, founder and technology analyst at 650 Group, LLC. Microchips META-DX2+ family will play an important role in enabling MACsec and IPsec encryption, optimizing port capacity with port aggregation, and flexibly connecting routing/switching silicon to multi-rate 400G and 800G optics.

Like the META-DX2L retimer, the new series of META-DX2+ PHYs can be used with Microchips PolarFire FPGAs, the ZL30632 high-performance PLL, oscillators, voltage regulators, and other components that have been pre-validated as a system to help speed designs into production.

Development Tools

Microchips second-generation Ethernet PHY SDK for the META-DX2 family lowers development costs with field-proven API libraries and firmware. The SDK supports all META-DX2L and META-DX2+ PHY devices within the product family. Support for the Open Compute Project (OCP) Switch Abstraction Interface (SAI) PHY extensions are included to enable agnostic support of the META-DX2 PHYs within a wide range of Network Operating Systems (NOS) that support SAI.

Availability

The META-DX2+ family is expected to sample during the fourth calendar quarter of 2022. For additional information visit the META-DX2+ webpage or contact a Microchip sales representative.

See the META-DX2L Ethernet PHY at ECOC 2022

Microchip will be exhibiting the META-DX2L PHY device, which started sampling in the fourth quarter of 2021, in the Optical Internetworking Forum (OIF) booth at the European Conference on Optical Communication (ECOC) September 18-22, 2022, in Basel Switzerland. Microchip and other OIF members will be showcasing how multi-vendor interoperability is accelerating industry solutions for the global network in booth #701 at the Congress Center Basel.

Resources

High-res images available through Flickr or editorial contact (feel free to publish): Application image: http://www.flickr.com/photos/microchiptechnology/52336953308/sizes/l/

About Microchip Technology

Microchip Technology Inc. is a leading provider of smart, connected and secure embedded control solutions. Its easy-to-use development tools and comprehensive product portfolio enable customers to create optimal designs which reduce risk while lowering total system cost and time to market. The company solutions serve more than 120,000 customers across the industrial, automotive, consumer, aerospace and defense, communications and computing markets. Headquartered in Chandler, Arizona, Microchip offers outstanding technical support along with dependable delivery and quality. For more information, visit the Microchip website at http://www.microchip.com.

Note: The Microchip name and logo and the Microchip logo are registered trademarks of Microchip Technology Incorporated in the U.S.A. and other countries. All other trademarks mentioned herein are the property of their respective companies.

Read more:
Microchip Unveils Industrys First Terabit-Scale Secure Ethernet PHY Family with Port Aggregation for Enterprise and Cloud Interconnect - Yahoo Finance

The Week in Ransomware – September 16th 2022 – Iranian Sanctions – BleepingComputer

It has been a fairly quiet week on the ransomware front, with the biggest news being US sanctions on Iranians linked to ransomware attacks.

On Wednesday, the US Treasury Department announced sanctions against Iranians affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC) for their breaching of US networks and encrypting devices with DiskCryptor and BitLocker.

Researchers also released some interesting reports this week:

In ransomware attack-related news, the Yanluowang ransomware gang began leaking data stolen during a cyberattack on Cisco and the Hive ransomware claimed an attack on Bell Technical Solutions (BTS).

Contributors and those who provided new ransomware information and stories this week include: @jorntvdw, @demonslay335, @serghei, @malwareforme, @malwrhunterteam, @BleepinComputer, @LawrenceAbrams, @Seifreed, @DanielGallagher, @VK_Intel, @FourOctets, @billtoulas, @struppigel, @PolarToffee, @fwosar, @Ionut_Ilascu, @Bitdefender, @AlvieriD, @AWNetworks, @LabsSentinel, @pcrisk, @CISAgov, and @security_score, @censysio, and @juanbrodersen.

A growing number of ransomware groups are adopting a new tactic that helps them encrypt their victims' systems faster while reducing the chances of being detected and stopped.

But recently, Censys has observed a massive uptick in Deadbolt-infected QNAP devices. The Deadbolt crew is ramping up their operations, and the victim count is growing daily.

Cisco has confirmed that the data leaked yesterday by the Yanluowang ransomware gang was stolen from the company network during a cyberattack in May.

The Lorenz ransomware gang now uses a critical vulnerability in Mitel MiVoice VOIP appliances to breach enterprises, using their phone systems for initial access to their corporate networks.

PCrisk found new STOP ransomware variants that append the .eemv and .eewt extensions to encrypted files.

PCrisk found the new Scam Ransomware that appends the .scam extension to encrypted files and drops a ransom note named read_it.txt.

PCrisk found the new Babuk ransomware variant that appends the .demon extension to encrypted files and drops a ransom note named How To Recover Your Files.txt.

The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against ten individuals and two entities affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC) for their involvement in ransomware attacks.

The Legislature of the City of Buenos Aires is slowly recovering from the cyberattack it suffered last Sunday : after changing passwords and disconnecting infected computers, they re-enabled WiFi , recovered one computer per area and continued with parliamentary work. However, they do not disclose what information was compromised or what type of attack it was.

This advisory updates joint CSA Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities, which provides information on these Iranian government-sponsored APT actors exploiting known Fortinet and Microsoft Exchange vulnerabilities to gain initial access to a broad range of targeted entities in furtherance of malicious activities, including ransom operations. The authoring agencies now judge these actors are an APT group affiliated with the IRGC.

PCrisk found a new Dharma ransomware variant that appends the .gnik extension to encrypted files.

PCrisk found a new STOP ransomware variant that appends the .eeyu extension to encrypted files.

PCrisk found a new Snatch ransomware variant that appends the .winxvykljw extension to encrypted files.

The Hive ransomware gang claimed responsibility for an attack that hit the systems of Bell Canada subsidiary Bell Technical Solutions (BTS).

Quantum ransomware, a rebrand of the MountLocker ransomware, was discovered in August 2021. The malware stops a list of processes and services, and can encrypt the machines found in the Windows domain or the local network, as well as the network shared resources. It logs all of its activities in a file called .log and computes a Client Id that is the XOR-encryption of the computer name.

PCrisk found a new STOP ransomware variant that appends the .eebn extension to encrypted files.

PCrisk found the BISAMWARE Ransomware that appends the .BISAMWARE and drops a ransom note named SYSTEM=RANSOMWARE=INFECTED.TXT.

Romanian cybersecurity firm Bitdefender has released a free decryptor to help LockerGoga ransomware victims recover their files without paying a ransom.

The rest is here:
The Week in Ransomware - September 16th 2022 - Iranian Sanctions - BleepingComputer

Amazon’s Ring video doorbells now have end-to-end encryption but they’re still unsafe – Mashable

Ring, everyone's least favorite technological narc, seems to be making steps to keep its footage secure.

The Amazon-owned home security system company now offers end-to-end encryption of the video and audio collected on its battery-powered video doorbells and security cameras. This comes about a year after it enabled end-to-end encryption on its plug-in devices.

End-to-end encryption prevents anyone from grabbing videos or messages as they travel between you and the person you're sending them to. That means it ensures that no one including hackers, government officials, or, ideally, the company that owns the device can read your message or watch your video while it's being sent.

This newly enabled privacy feature also means the video picked up from a Ring camera can only be accessible from the iOS or Android device linked to an owner's account. According to the Verge, if you have end-to-end encryption enabled on your Ring camera, no one but you can access the recorded footage. This change is basically increasing the security features on Ring, which already encrypts video and audio recordings by default when they're uploaded to the cloud or stored on Ring's servers.

"Even if law enforcement asked Ring, or its parent company Amazon, for the video, they couldn't provide it," according to the Verge. "Only the enrolled mobile device can unlock the video."

As Mashable previously explained, end-to-end encryption "basically takes your message, jumbles it up, sends it, and unjumbles it once it reaches your recipient. So anyone who tries to intercept your message in between you and your recipient just gets a bunch of mess instead of the message itself."

That doesn't mean your Ring video cameras are completely harmless or safe from bad actors, though. End-to-end encryption protects your privacy against anything trying to mess with your messages while they're in transit, but it doesn't protect the video metadata and also can't do anything about the recipient of your message sharing whatever information you send them.

And, ultimately, even with end-to-end encryption, there are plenty of problems tied to having a video camera doorbell like Ring.

See original here:
Amazon's Ring video doorbells now have end-to-end encryption but they're still unsafe - Mashable

Kingston Announces Hardware-Encrypted IronKey Keypad 200 USB Drive – Business Wire

FOUNTAIN VALLEY, Calif.--(BUSINESS WIRE)--Kingston Digital, Inc., the Flash memory affiliate of Kingston Technology Company, Inc., a world leader in memory products and technology solutions, today announced the release of the Kingston IronKey Keypad 200 (KP200), the industrys first drive to deliver the latest FIPS 140-3 Level 3 security for your data.

The IronKey Keypad 200 is built with robust protection and flexibility of use in mind offering XTS-AES 256-bit hardware-based encryption in a feature-rich and OS-independent alphanumeric keypad. KP200 incorporates a built-in rechargeable battery, so users can unlock the drive using the keypad for easy-to-use PIN access, without using software. Once unlocked, users can access their data by plugging the drive into any device that supports USB Type-A Flash storage, making it a plug-and-play device across IT ecosystems.

KP200 is FIPS-140-3 Level 3 (Pending) certified for military-grade security, and the drives circuitry is coated with tamper-evident, tough epoxy to prevent access to its internal components without damaging them. For another level of protection, the keypad is coated with a protective polymer layer to prevent the analysis of fingerprints on the keys.

KP200 supports a multi-PIN option, allowing the use of separate Admin or User PINs. KP200 locks the User PIN after ten failed login attempts, but if both PINs are enabled the Admin can be used to restore a User PIN and access to the drive. If the Admin PIN itself is incorrectly entered ten times in a row, the built-in Brute Force attack protection will crypto-erase the drive, permanently destroying the data and resetting the device. Additionally, KP200 can safeguard against malware from untrusted systems with two different Read-Only modes, empowering Admin to write-protect the drive during a specific session or globally across all User sessions.

The Kingston IronKey KP200 is the first drive to successfully pass certification lab testing for the latest FIPS 140-3 Level 3 military-grade security level from NIST, said Richard Kanadjian, encrypted unit manager at Kingston. With no need for software and ease of use of the keypad, KP200 is the best solution for those looking for flexibility while maintaining the highest-level security for storing sensitive data on the go.

KP200 adds security enhancements for FIPS 140-3 Level 3:

- Minimum PIN length goes from 7 to 8 digits (max is 15) for stronger PIN security- No factory-preset PIN User must set up PIN upon first use- Periodic self-testing to ensure fully-functional security features KP200 will shut down if a problem is detected- Automatic shutdown under excessive thermal and voltage conditions- Enhanced Random Number Generator to strengthen encryption key generation

The Kingston IronKey Keypad 200 has available storage capacities ranging from 8GB - 128GB and is backed by a limited three-year warranty, with free technical support, and the legendary Kingston reliability. For more information, visit kingston.com.

Kingston IronKey Keypad 200

Part Number

Capacity

IKKP200/8GB

8GB IronKey Keypad 200

IKKP200/16GB

16GB IronKey Keypad 200

IKKP200/32GB

32GB IronKey Keypad 200

IKKP200/64GB

64GB IronKey Keypad 200

IKKP200/128GB

128GB IronKey Keypad 200

Kingston IronKey Keypad 200 Features and Specifications:

Kingston IronKey Keypad 200 incorporates DataLock Secured Technology licensed from ClevX, LLC. http://www.clevx.com/patents

1 Some of the listed capacity on a flash storage device is used for formatting and other functions and thus is not available for data storage. As such, the actual available capacity for data storage is less than what is listed on the products. For more information, go to Kingstons Flash Memory Guide.2 Speed may vary due to host hardware, software, and usage.3 Product must be clean and dry before use.4 Compatible systems.

About Kingston Technology Company, Inc.

From big data, to laptops and PCs, to IoT-based devices like smart and wearable technology, to design-in and contract manufacturing, Kingston helps deliver the solutions used to live, work and play. The worlds largest PC makers and cloud-hosting companies depend on Kingston for their manufacturing needs, and our passion fuels the technology the world uses every day. We strive beyond our products to see the bigger picture, to meet the needs of our customers and offer solutions that make a difference. To learn more about how Kingston Is With You, visit Kingston.com.

See the original post:
Kingston Announces Hardware-Encrypted IronKey Keypad 200 USB Drive - Business Wire

Beware, That VPN May Not Be What You Think It Is – CNET

There are some excellent, well-tested virtual private networks we recommend you try. But if you're exploring the competitive market of VPNs on your own, you're likely to find some shoddy VPNs companies that scatter hints of their dubiousness everywhere they go. Learning to identify a few of these red flags can save you hours of research and a hefty annual subscription cost for supposedly getting connected to the internet more securely.

Is the price too good to be true? Has the company been caught keeping logs? How are your connection speeds?

To save you time, here are a few of the biggest red flags to watch out for when taking your new VPN out for a test drive. And on the flip side, here are three things to look for in a VPN.

Read more: Best iPhone VPN of 2022

There's no such thing as a free lunch. Maintaining the hardware and expertise needed for large VPN networks isn't cheap. As a VPN customer, you either pay for a premium service with your dollars, or you pay for free services with your usage data when it's collected by the free VPN and bargained away to advertisers or malicious actors.

As recently as August 2019, 90% of apps flagged as potentially unsafe in Top10VPN's investigation into free VPN ownership still posed a privacy risk to users. Free VPNs can also leave you open to quiet malware installation, pop-up ad barrages and brutally slow internet speeds.

Read more: Best Free VPN 2022: Try These Risk-Free Services for a Privacy Boost

If a VPN is caught keeping or sharing user activity logs, I won't recommend it. While most VPN services claim they don't track or keep logs of user activity, that claim can sometimes be impossible to verify. In other instances, the claim falls apart publicly when a VPN company hands over internet records to law enforcement.

The latter has happened in a few cases. EarthVPN, Hide My Ass VPN and PureVPN have all been clocked by privacy advocates for handing over logs to authorities, as hasIPVanish.

To be clear, it is entirely possible to be grateful for the arrest of reprehensible scumbags while ardently advocating for consumer privacy interests. My beef isn't with any VPN company helping cops catch a child abuser via usage logs; it's with any VPN company that lies to its customers about doing so. The lie that helps law enforcement in the US catch a legitimate criminal is the same lie that helps law enforcement in China arrest a person watching footage of the 1989 Tiananmen Square protests.

Ideally, the VPN you choose should have undergone -- and published the results of -- an independent third-party audit of its operations, including its use of activity logs.

Read more: All the VPN Terms You Need to Know

Now playing: Watch this: Top 5 Reasons to Use a VPN

2:42

Another red flag to watch for when choosing a VPN is shoddy encryption standards. Users should expect AES-256 encryption or better from VPN services. Nearly every web browser and app already uses AES, often touted as "military-grade" encryption, after it was adopted by the US government in 2002. If your VPN only offers PPTP and L2TP encryption, look elsewhere.

While you're snooping around for encryption details, keep an eye out for one of our favorite phrases, "Perfect Forward Secrecy." Those three little words can have a hefty impact on your privacy: If one of your VPN's servers is ever breached, Perfect Forward Secrecy ensures that any keys used to decrypt private internet traffic quickly become useless -- giving you more security.

Read more: How We Evaluate and Review VPNs

With just a little bit of elbow grease, any moderately skilled internet jerk can throw together a service that looks like a VPN but is actually little more than a proxy service reselling your internet bandwidth. Not only can that slow your internet speed, it could potentially leave you on the legal hook for whatever they do with that resold bandwidth.

Hola's case was the most famous. The company was caught in 2015 quietly stealing users' bandwidth and reselling it to whatever group wanted to deploy its user base as a botnet. Hola CEO Ofer Vilenski admitted it'd been had, but contended this harvesting of bandwidth was typical for this type of technology.

Read more:How to Set up a VPN on our iPhone or Android Phone: Yes, You Need One

"We assumed that by stating that Hola is a (peer-to-peer) network, it was clear that people were sharing their bandwidth with the community network in return for their free service," he wrote.

Nearly all VPNs slow your browsing speed, some by as much as half. But a brutal crawl can be a sign of something worse than a simple lack of servers. So if being pressed into service as part of a botnet isn't your cup of tea, double-check those suspiciously slow speeds and the reputation of the VPN you're paying for.

For more VPN buying advice, here's how to pick the right VPN for your work-from-home setup. Plus, why we don't recommend US-based VPNs, and three things a VPN can't help you with.

See the rest here:
Beware, That VPN May Not Be What You Think It Is - CNET

Comprehensive Analysis on Email Encryption Software Market based on types and application – NewsOrigins

Added A New Report On Email Encryption Software Market That Provides A Comprehensive Review Of This Industry With Respect To The Driving Forces Influencing The Market Size. Comprising The Current And Future Trends Defining The Dynamics Of This Industry Vertical, This Report Also Incorporates The Regional Landscape Of Email Encryption Software Market In Tandem With Its Competitive Terrain.

Theresearch reporton the Email Encryption Software market includes crucial information on recent events that will havean impact on the industry dynamics between 2022 and 2026, thereby assisting stakeholders and investors in making informed decisions. Additionally, it offers a thorough examination of the major market divisions, looks at the problems that rival firms confront, and place particular emphasis on the regional context.

In essence, the study presents a thorough analysis of the regional and competitive environments, along with relevant driving forces. Lastly, the impact of COVID-19 outbreak on this marketplaceisextensively documented.

Request Sample Copy of this Report @ https://www.newsorigins.com/request-sample/61564

Important pointers from COVID-19 impact analysis:

Regional analysis overview

Other crucial aspects in the Email Encryption Software market report:

FAQs

Key insights this study will provide:

Request Customization for This Report @ https://www.newsorigins.com/request-for-customization/61564

View post:
Comprehensive Analysis on Email Encryption Software Market based on types and application - NewsOrigins