Category Archives: Encryption
Hardware Encryption Devices Market Is Expected To Witness Healthy Growth At A CAGR Of More Than 40% – Herefordshire Live – Herefordshire Live
The Latest report initiated by Evolve Business Intelligence on Hardware Encryption Devices Market provides a detailed assessment of the market size and forecast from 2020 to 2028. The global Hardware Encryption Devices market size is expected to reach $ Billion by 2028 growing at the CAGR of 40% from 2021 to 2028. Hardware Encryption is an important process that can grant your device immunity against hacks and viruses. Some applications of Hardware Encryption are seen in the Service Sector. Banks and financial institutions, for example, use it to protect their documents and files so they cannot be misused by any individual with malicious tendencies. The more stable your hardware encryption is, the more resilient it will be to outside forces. An all-time activation option can grant you full activation of hardware encryption across any service sector you might work in; the best part about this is that hardware encryption companies often accept payments online which makes it very easy for your business purposes
Get Free Exclusive Sample PDF of the report: https://report.evolvebi.com/index.php/sample/request?referer=www.herefordshirelive.co.uk&reportCode=004424
COVID-19 Pandemic has begun striking businesses across multiple sectors and industries including manufacturing, food production, automotive, aerospace & defense companies, government agencies, pharmaceutical manufacturers, and producers of oil & gas products. The repercussions of this pandemic have caused numerous knock-on effects on several worldwide markets which include the Hardware Encryption Devices Market as well as many regional economies due to temporary closedown of manufacturing facilities. End-users of these products are also suffering from decreased demand for their goods because businesses are refraining from their long-term strategies in favor of short-term survival.
Key Players profiled in Hardware Encryption Devices report:
The study provides a detailed analysis of major players in the Hardware Encryption Devices market which includes manufacturers, suppliers, and organizations, among others. The competitor analysis includes revenue regeneration, business segment analysis, and geographic presence across each country, key strategies and developments, product portfolio, and SWOT Analysis.
Global Hardware Encryption Devices Market Segmentation:
For Any Query or Customization, Ask to Our Industry [emailprotected] https://report.evolvebi.com/index.php/sample/request?referer=www.herefordshirelive.co.uk&reportCode=004424
Global Hardware Encryption Devices Market Geographic Coverage:
The Asia Pacific and North America were the major markets for hardware encryption devices in 2016 due to the expansion of I.T and telecommunication services and contributed nearly 35% of the total revenue share in 2016. Asia-Pacific and North American regions are anticipated to grow significantly during the forecast period both in terms of value and volume. Rising concerns for corporate data safety, increasing demand for confidential computing, increasing spending on information technology are among key factors favoring this market.
IMP NOTE: All our reports will be updated considering the impact of the COVID-19 scenario.
Crucial pointer covered in the report:
Hardware Encryption Devices Market Understanding: This section of our report outlines pertinent topics about the market that we have researched and the direction we see the industry heading. These include, but arent limited to segments discussed, company descriptions, and key statistics regarding customer growth. This section provides a detailed analysis of the present and future growth factors of bifurcating the market into product types, applications, and regions.
Hardware Encryption Devices Market Dynamics: This section provides a detailed analysis of the growth factors, restraining factors, and business opportunities. Additionally, the report provides a detailed COVID impact analysis affecting the market growth, along with a pinpoint focus on industry policies, regulatory framework, current issues impacting the market growth at the national/international level.
Hardware Encryption Devices Market Regional Outlook: The country section is a breakdown by country of how the production and consumption rates correspond to each other.
Hardware Encryption Devices Market Competitor Landscape: This section provides a comprehensive analysis of the market share and a deep-dive analysis of the top 10 players covered in the market report.
About EvolveBIEvolve Business Intelligence is a market research, business intelligence, and advisory firm providing innovative solutions to challenging the pain points of a business. Our market research reports include data useful to micro, small, medium, and large-scale enterprises. We provide solutions ranging from mere data collection to business advisory.
Evolve Business Intelligence is built on account of technology advancement providing highly accurate data through our in-house AI-modelled data analysis and forecast tool EvolveBI. This tool tracks real-time data including, quarter performance, annual performance, and recent developments from fortunes global 2000 companies.
AddressEvolve Business IntelligenceC-218, 2nd floor, M-CubeNH 48, Balitha, VapiGujarat 396191India
Contact: +1 773 644 5507 / +91 635 396 3987Email: [emailprotected]Website: https://evolvebi.com/
Read more here:
Hardware Encryption Devices Market Is Expected To Witness Healthy Growth At A CAGR Of More Than 40% - Herefordshire Live - Herefordshire Live
WhatsApp launches encryption in iCloud and Google Drive backups – InTallaght
The Facebook messaging app has been announcing many new features in all facets of the application in recent months. We are not just talking about the interface, its design or new functions to send or receive messages with greater privacy. Since now we have known that one of the most anticipated functions finally reaches the app, which had already advanced that it would arrive at some point, and today it finally announces it definitively. We talked about the solution to a problem that the messaging app had always been blamed for, the vulnerability of backup copies of chats in iCloud and Google Drive.
At last there are encrypted backups
WhatsApp is the leading global messaging service to offer * both * end-to-end encrypted messaging and backups on iCloud or Google Drive.
So you can make sure that besties voice messages and mums secret recipe will be safely stored in a place only you can access.
WhatsApp (@WhatsApp) September 10, 2021
It has been through the WhatsApp account on Twitter that we have finally learned that the backup copies of the chats in the main cloud services they will be end-to-end encrypted. In this announcement, it has been advanced that this function will reach all users, which will finally close one of the largest known vulnerabilities in the messaging app. And it is that the problems regarding the backup of the chats in the cloud are long, so it is a long-awaited solution.
The problem so far has been that while the chats on our phone are protected by end-to-end encryption, which prevents anyone from reading the messages, even if they intercept the data (it can only be done with a password saved on our mobile) in the case of backup copies of chats in Google Drive and iCloud you were not encrypted, and are stored as plain text. This means that if such damage falls into the hands of others by an attack of any kind, they will be able to read all our messages without any problem, since it is not necessary to decrypt them with a password.
Therefore, what WhatsApp has now announced that this functionality comes imminently to all chats saved in the cloud. WhatsApp has wanted to get chest out and remember that doing this has been a challenge. From what the firm has revealed now, it seems that the work has been arduous, and they have had to redo from top to bottom all the code that takes our chats to the cloud of Google and Apple.
Read more:
WhatsApp launches encryption in iCloud and Google Drive backups - InTallaght
WhatsApp boosts end-to-end encryption – BusinessTech
Facebook chief executive officer Mark Zuckerberg said the company is expanding end-to-end encryption on its WhatsApp messaging service.
Texts sent on WhatsApp are already protected so that they can only be seen by the sender and recipient. People have been able to back up their messages in the cloud, using Alphabet Incs Google Drive and Apple Incs icloud. But, while WhatsApp doesnt have access to those backups, Apple and Google potentially do.
Now, Facebook will allow users to choose to enable end-to-end encryption on their backups as well, meaning neither WhatsApp nor the cloud-service providers will be able to access them.
Were adding another layer of privacy and security, Zuckerberg said in a blog post Friday. WhatsApp is the first global messaging service at this scale to offer end-to-end encrypted messaging and backups, and getting there was a really hard technical challenge.
The move arrives as Facebook faces scrutiny over its privacy policies for the messaging service. Earlier this week, ProPublica published a report highlighting how contract workers sift through millions of private messages that have been flagged by users as potentially abusive. The nonprofit investigative organization subsequently made clear that WhatsApp doesnt break the end-to-end encryption.
Meanwhile, government officials have been encouraging Facebook and other tech companies to roll back encryption of messaging products to make investigating crimes easier.
Read: WhatsApp testing feature to transcribe voice notes to text
More here:
WhatsApp boosts end-to-end encryption - BusinessTech
WhatsApp to offer encryption on cloud backups: Heres all you need to know – India Today
The most popular instant messaging platform in the world, WhatsApp, will now let its users encrypt the backups of their messages. It is the first global messaging service on this scale to offer end-to-end encrypted messaging and backups.
Talking about the new feature, Mark Zuckerberg said, 'Getting there was a really hard technical challenge that required an entirely new framework for key storage and cloud storage across operating systems.' (sic)
End-to-end encryption is a system of communication where only the communicating users can read the messages. It usually refers to the data in motion being transferred from one users device to another users device.
It means that only you will be given the option to back up your chats to Apple iCloud or Google Drive, depending on whether you are using an iPhone or an Android phone.
No one but only you will have the encryption key to unlock your stored backup.
This will make the backups unreadable without an encryption key. All users who opt into encrypted backups will be asked to save a 64-digit encryption key or create a password that is tied to the key.
When a user creates a password to their accounts encryption key, WhatsApp will back up the associated key in a physical hardware security module, and can be unlocked only when the correct password is entered on WhatsApp.
The hardware security module (HSM) provides the encryption key that in turn decrypts the accounts backup that is stored on either Apple or Googles servers. A key stores in WhatsApps HSM vaults will become permanently inaccessible if repeated password attempts are made.
HSM will act like a safety deposit box for encrypting and decrypting digital keys.
Click here for IndiaToday.ins complete coverage of the coronavirus pandemic.
See more here:
WhatsApp to offer encryption on cloud backups: Heres all you need to know - India Today
London’s Top Cop Says ‘Big Tech,’ Encryption Are Letting The Terrorists Win – Techdirt
from the applying-excessive-force-to-a-horse's-corpse dept
Dame Cressida Dick -- the former National Policing Lead for Counter-Terrorism -- has had an op-ed published by The Telegraph that leverages the anniversary of the 9/11 attacks to advocate for less privacy and security for routine targets of terrorist attacks: everyday people without powerful government positions.
Writing from her latest official position -- that of Metropolitan Police Commissioner -- Dame Dick says the War on Terror can be won sort of. (Paywalled but here's an alternate link.)
The future, as ever, is uncertain - as exemplified by the situation in Afghanistan as we wait to see how events there might once again impact on the terrorism landscape. But as I reflect on what has passed since 9/11, I am confident that we continue to develop the exceptional tools and capabilities that will give our counter-terrorism officers the best chance of successfully confronting the threats that will emerge over the next 20 years.
That's just a small part of it. It's headlined by this declaration by the Police Commissioner:
Terrorists seek to divide us -- they won't win
Not so fast, Cressida. Right in the middle of your own op-ed is an admission the terrorists have won, at least using these metrics.
The threat of sophisticated terrorist cells being directed from overseas has been added to by that of the individuals carrying out rudimentary attacks with very little planning or warning. The current focus on encryption by many big tech companies is only serving to make our job to identify and stop these people even harder, if not impossible in some cases.
And there it is: the thing that divides us. Government officials continue to insist that if encryption can be used by terrorists and criminals, then it really shouldn't be accessible to all the non-terrorists who use it to secure their personal information and communications. If the end goal of terrorist attacks is to drive a wedge between the public and their public servants, mission accomplished.
The public would like to have actual security. The government would prefer the illusion of security: a nonexistent form of encryption that only allows good guys to peek in on "secure" communications. And, on the flip side, these officials believe the only people who really "need" encrypted communications are criminals and terrorists since they have the most to hide. If that's the only real market for encryption, then non-terrorists should be happy using insecure communications options because they have nothing to hide and nothing to fear from their governments.
And while we're on the subject of reasoning that's mostly circular, The Telegraph manages to close its own loop by dropping a link in Dame Cressida Dick's op-ed. That link takes you to this article ("Tech giants are making it impossible to stop terrorists, says Dame Cressida Dick"), which opens with this:
Tech giants are making it impossible to identify and stop terrorists carrying out deadly attacks, Dame Cressida Dick warns on the 20th anniversary of the 9/11 atrocity.
The Metropolitan Police Commissioner - who was granted a two-year extension on her contract on Friday - said the introduction of end-to-end encryption, which allows users to message one another in complete secrecy, was giving terrorists an advantage over law enforcement.
Companies such as Facebook have argued that introducing encryption will improve privacy for their customers.
But writing in The Telegraph, Dame Cressida warns that terrorists are exploiting such technological advances to radicalise people and direct attacks around the world.
That last link takes you back to Cressida's op-ed, which contains one paragraph about Big Tech and encryption -- a paragraph that is quoted in its entirety further down the page in this separate article. The op-ed links to the article which links to the op-ed which links to the article. It's a neat trick, one that makes one hand clapping sound like applause. One could theoretically spend hours opening each self-referential link, allowing Dick's single argument to become a groundswell movement that gradually consumes every last bit of available RAM (mainly looking at you, Chrome).
And that's as good a metaphor as any for the anti-encryption agitation of officials like the Dame. Like other law enforcement officials who would like to see encryption backdoored if not eliminated completely, the Dame's attacks on encryption appear to operate under the theory that if someone says something often enough, and authoritatively enough, then some people are going to believe these assertions are true.
And at the end of all of this, it must be pointed out that the split between law enforcement officials and security experts continues to increase. But the terrorists didn't cause this split. The War on Terror did. The response to the 9/11 attacks was a power grab by the government, which suddenly had the justification it needed to curtail rights and liberties it often found inconvenient. And now it's Big Government complaining about Big Tech, using terrorism as an excuse to undermine security for everyone.
Thank you for reading this Techdirt post. With so many things competing for everyones attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise and every little bit helps. Thank you.
The Techdirt Team
Filed Under: cressida dick, encryption, london, metropolitan police, terrorism
Read the original:
London's Top Cop Says 'Big Tech,' Encryption Are Letting The Terrorists Win - Techdirt
Zoom unveils new security features including end-to-end encryption for Zoom Phone, verified identities and… – ZDNet
Zoom announced a slate of new security features users can take advantage of as the school year begins and millions continue to work and learn remotely.
At Zoomtopia, the company announced that end-to-end encryption, which they rolled out last October in Zoom Meetings, will now be available for Zoom Phone users.
Zoom Phone users can upgrade to end-to-end encryption "during one-on-one phone calls that occur via the Zoom client."
"During a call, users can click 'More' to find the option to enable end-to-end encryption. The upgrade takes under a second and helps users get security protection against server compromise," the company explained in a statement.
"Users can optionally exchange security codes over the voice channel to rule out the presence of a 'meddler in the middle.' E2EE for Zoom Phone will be available in the coming year."
Zoom also announced two other features designed to enhance the security of its platform: Bring Your Own Key (BYOK) and Verified Identity.
BYOK was designed to help customers who have to deal with stringent compliance requirements or data residency needs. The tool allows users to manage their own encryption keys, creating a system where people will own and manage a key management system in AWS. The system will contain a customer master key that Zoom cannot access or see.
"Zoom will interact with the customer's KMS to obtain data keys for encryption and decryption and will use these data keys to encrypt and decrypt customer assets before those assets are written to long-term storage. Zoom will not store plaintext data keys in long-term data storage," Zoom explained in a statement.
"BYOK is a separate offering from E2EE and is not designed for real-time use cases like streaming video. It's best used for the secure storage of larger assets, such as recording files. BYOK will roll out as a customer beta in the coming months for recordings for Zoom Meetings, recordings for Zoom Video Webinars, Zoom Phone voicemails and recordings, and calendar for Zoom Rooms."
Verified Identity was built to help address the growing sophistication of social engineering and phishing attacks. The Verified Identity feature allows users to determine if a meeting guest is actually who they say they are.
Zoom said the tool would helpusers who deal with classified information, specialized services and more. Multi-factor authentication is used to vet users entering a meeting. The tool asks you to identify your role in an organization, your credentials and the network you use. It also provides information about your device, authentication apps, codes, biometrics and email addresses.
It also uses passwords, security questions and profile information to verify users.
"To make attestation and authentication integral to the Zoom experience, we're working with Okta to help verify users as they join Zoom Meetings. Once they're in a meeting, a user will have a checkmark next to their name and can share their verified profile information -- including name, email address, and company domain -- with meeting participants," Zoom explained.
"Meeting hosts can use in-meeting security controls to remove a participant if for some reason they are not verified, or the displayed information seems incorrect. Displaying verified profile information via Okta will be available sometime next year and is the start of Zoom's long-term identity attestation and verification initiative strategy."
See more here:
Zoom unveils new security features including end-to-end encryption for Zoom Phone, verified identities and... - ZDNet
Light Start: WhatsApp rolls out backup encryption, LG is more attractive, Google goes dark and iPhones only laak gud vaabs Stuff – Stuff Magazines
Google is the next to go dark
In case you havent noticed, and at the risk of sounding dramatic, the dark mode revolution is upon us and will consume everything given enough time. Dark mode users rejoice as Google.com will soon offer a dark mode. If all of that went over your head, allow us to change your life for the better.
If you didnt know, the advances in science and technology have allowed us to make our apps darker. Gone are the days of receiving a text a few minutes after turning out the light, going to read the text and your phone screen burning your retinas. You need not suffer anymore. Google.com is by no means the first implementation of a dark mode, but it is an indication that the practice is becoming more mainstream.
Google says the feature is rolling out from today. To check if you can enable it, head to the Google home page in our case google.co.za and look for the settings button in the bottom right corner. From the popup menu choose search settings. On the right, you should see a few options, one of which will be Appearance, you can enable dark mode in there. If you dont see it yet (like us) then youll need to wait a bit longer.
Source: ArsTechnica
Read the original:
Light Start: WhatsApp rolls out backup encryption, LG is more attractive, Google goes dark and iPhones only laak gud vaabs Stuff - Stuff Magazines
Insights on the Hardware Encryption Global Market to 2026 – by Algorithm & Standard, Architecture, Product, Application and Region – PRNewswire
DUBLIN, Sept. 13, 2021 /PRNewswire/ -- The "Hardware Encryption Market: Global Industry Trends, Share, Size, Growth, Opportunity and Forecast 2021-2026" report has been added to ResearchAndMarkets.com's offering.
The global hardware encryption market exhibited strong growth during 2015-2020. Encryption refers to the process of utilizing an algorithm to convert information or data into codes to prevent any unauthorized access. It protects sensitive data by transforming it into an unreadable ciphertext which can be decrypted using an encryption key. These types of encryption utilize a dedicated processor, which aids in the tasks of authentication and encryption. This processor is physically located on the encrypted drive which often generates the encryption key that can be unlocked using the user's password. Since it protects the data against threats, such as cold boot, malicious code and brute force attacks, it is widely being adopted across diverse industry verticals, including banking, corporate, IT & Telecom, healthcare, etc.
Escalating adoption rates of portable storage devices which are used to transfer information between computers and create backup are one of the major factors contributing to the market growth. Hardware encryption devices offer efficient confidentiality of personal data from unauthorized access, which has positively influenced their sales globally. Furthermore, the rising cases of cyber-attacks have led private organizations as well as governments to make a shift toward hardware encryption as these systems are more resilient and deliver faster performance when compared with software encryptions. Moreover, the increasing sales of consumer electronics have led smartphone manufacturers to include fingerprint scanners in their devices. This protects the privacy of the users as well as makes the process of encryption and decryption faster. Looking forward, the publisher expects the global hardware encryption market to grow at a CAGR of around 30% during the forecast period (2021-2026).
Competitive Landscape:
The report has also analysed the competitive landscape of the market with some of the key players being Gemalto NV, IBM Corp., Imation Corp., Maxim Integrated Products, Micron Technology, Netapp, Samsung Electronics, SanDisk Corporation, Seagate Technology, Thales, Toshiba Corp., Western Digital Corp., Western Digital Technologies, Winmagic, etc.
Key Questions Answered in This Report:
Key Topics Covered:
1 Preface
2 Scope and Methodology
3 Executive Summary
4 Introduction4.1 Overview4.2 Key Industry Trends
5 Global Hardware Encryption Market5.1 Market Overview5.2 Market Performance5.3 Impact of COVID-195.4 Market Forecast
6 Market Breakup by Algorithm and Standard6.1 Advanced Encryption Standard (AES)6.1.1 Market Trends6.1.2 Market Forecast6.2 Rivest-Shamir-Adleman (RSA)6.2.1 Market Trends6.2.2 Market Forecast6.3 Others6.3.1 Market Trends6.3.2 Market Forecast
7 Market Breakup by Architecture7.1 Field-Programmable Gate Arrays (FPGA)7.1.1 Market Trends7.1.2 Market Forecast7.2 Application-Specific Integrated Circuits (ASIC)7.2.1 Market Trends7.2.2 Market Forecast
8 Market Breakup by Product8.1 External Hard Disk Drives8.1.1 Market Trends8.1.2 Market Forecast8.2 Internal Hard Disk Drives8.2.1 Market Trends8.2.2 Market Forecast8.3 lnline Network Encryptors8.3.1 Market Trends8.3.2 Market Forecast8.4 USB Flash Drives8.4.1 Market Trends8.4.2 Market Forecast8.5 Others8.5.1 Market Trends8.5.2 Market Forecast
9 Market Breakup by Application9.1 Consumer Electronics9.1.1 Market Trends9.1.2 Market Forecast9.2 IT & Telecom9.2.1 Market Trends9.2.2 Market Forecast9.3 Transportation9.3.1 Market Trends9.3.2 Market Forecast9.4 Aerospace and Defense9.4.1 Market Trends9.4.2 Market Forecast9.5 Healthcare9.5.1 Market Trends9.5.2 Market Forecast9.6 BFSI9.6.1 Market Trends9.6.2 Market Forecast9.7 Others9.7.1 Market Trends9.7.2 Market Forecast
10 Market Breakup by Region
11 SWOT Analysis
12 Value Chain Analysis
13 Porters Five Forces Analysis
14 Competitive Landscape14.1 Market Structure14.2 Key Players14.3 Profiles of Key Players14.3.1 Gemalto NV14.3.1.1 Company Overview14.3.1.2 Product Portfolio14.3.2 IBM Corp.14.3.2.1 Company Overview14.3.2.2 Product Portfolio14.3.3 Imation Corp.14.3.3.1 Company Overview14.3.3.2 Product Portfolio14.3.4 Maxim Integrated Products14.3.4.1 Company Overview14.3.4.2 Product Portfolio14.3.4.3 Financials14.3.4.4 SWOT Analysis14.3.5 Micron Technology14.3.5.1 Company Overview14.3.5.2 Product Portfolio14.3.5.3 Financials14.3.5.4 SWOT Analysis14.3.6 Netapp14.3.6.1 Company Overview14.3.6.2 Product Portfolio14.3.6.3 Financials14.3.6.4 SWOT Analysis14.3.7 Samsung Electronics14.3.7.1 Company Overview14.3.7.2 Product Portfolio14.3.7.3 Financials14.3.7.4 SWOT Analysis14.3.8 SanDisk Corporation14.3.8.1 Company Overview14.3.8.2 Product Portfolio14.3.9 Seagate Technology14.3.9.1 Company Overview14.3.9.2 Product Portfolio14.3.10 Thales14.3.10.1 Company Overview14.3.10.2 Product Portfolio14.3.11 Toshiba Corp.14.3.11.1 Company Overview14.3.11.2 Product Portfolio14.3.11.3 Financials14.3.11.4 SWOT Analysis14.3.12 Western Digital Corp.14.3.12.1 Company Overview14.3.12.2 Product Portfolio14.3.12.3 Financials14.3.12.4 SWOT Analysis14.3.13 Western Digital Technologies14.3.13.1 Company Overview14.3.13.2 Product Portfolio14.3.14 Winmagic14.3.14.1 Company Overview14.3.14.2 Product Portfolio
For more information about this report visit https://www.researchandmarkets.com/r/6v5kst
Media Contact:
Research and Markets Laura Wood, Senior Manager [emailprotected]
For E.S.T Office Hours Call +1-917-300-0470 For U.S./CAN Toll Free Call +1-800-526-8630 For GMT Office Hours Call +353-1-416-8900
U.S. Fax: 646-607-1904 Fax (outside U.S.): +353-1-481-1716
SOURCE Research and Markets
http://www.researchandmarkets.com
Read the original here:
Insights on the Hardware Encryption Global Market to 2026 - by Algorithm & Standard, Architecture, Product, Application and Region - PRNewswire
Revenant REvil. WhatsApp offers encryption. Hortum spyware in Turkey. Update on the UN data breach. Healthcare breaches disclosed. – The CyberWire
At a glance.
Last week we noted the servers of recently folded ransomware gang REvil, known for attacks on companies like JBS, Kenneth Cole, and most recently Kaseya, had suddenly sprung to life. While it seemed too soon to say for sure REvil was back in business, it seems where theres smoke, theres fire. Bleeping Computer confirms that REvil has returned, and while some experts thought REvil might undergo a rebrand, instead it seems theyve simply restored their old servers and are operating under the same name. Victims listed on the gangs Tor-hosted negotiation site have had their ransom payment deadlines reset, and evidence of new attacks include a new REvil ransomware sample and screenshots of data stolen from a new victim. Flashpoint adds that REvils frontman, formerly known as Unknown or UNKN, has been replaced on underground Russian-language forum Exploit with a spokesman bearing the less creative alias REvil. Though some speculate that REvils reemergence could be connected to talks between US President Joe Biden and Russias Vladimir Putin and the lifting of sanctions on companies involved in the Nord Stream 2 pipeline, other experts say theres no evidence of a link.
Messaging giant WhatsApp has made the controversial move to allow users to backup their conversations in the cloud in an encrypted format, TechCrunch reports. WhatsApp has always employed end-to-end encryption, but until now users were only able to store their conversations unencrypted, meaning intruders or law enforcement could potentially access these messages. Though WhatsApp, which considers itself at the forefront of user privacy, has declined to say whether it discussed the change with government bodies, the change is revolutionary as the platform is the first to put the brakes on what some see as a privacy violation. The Wall Street Journal sees the move as the latest blow in the ongoing battle between platforms seeking to increase user privacy and authorities who want access to the treasure trove of potential evidence. Riana Pfefferkorn of the Stanford Internet Observatory notes that the new encryption feature is not the default, meaning there will likely be many users who do not opt to turn it on. That said, WhatsApp says the feature will allow users a way to save messages without the prying eyes of Apples new controversial scanning system.
Zero Day recounts the tale of how Turkish National Police (TNP) might have been involved in police-on-police surveillance using a spyware platform called Hortum (or hose in Turkish). To snoop on members of the influential Glenist movement. The religious-political organization led by Fethullah Glen, a Turkish imam and scholar based in the US, is considered a threat by those who fear the Glenists are plotting an uprising against the Turkish government. Leaked emails show evidence of communications between Italian tech firm Hacking Team, creator of the spyware, and a chief inspector in the IT department of the TNP Intelligence Division, where a police chief and superintendent were arrested in 2016 under suspicion of Glenist involvement. Though there are no clear answers, the story highlights how difficult it is to investigate the use of spyware when the authorities might be the perpetrators.
Digital Journal looks at the recent UN data breach and sees evidence, not of technically sophisticated threat operations, but rather of thoughtful use of social engineering and the resources available in the criminal-to-criminal market, particularly resources taking the form of stolen credential offered for sale.
We received comments on the incident from Neil Jones, Cybersecurity Evangelist, Egnyte, who sees a lamentable tendency on the part of potential victims to overlook reasonably prudent security measures:
"The cyberattack that breached the computer systems at the United Nations is concerning in that it hit so close to the center of global power -- but its a real disaster for the IT team responsible for UN's file security. This particular attack is especially concerning, because smaller nation-states have been looking to the UN for critical leadership, as they navigate the COVID-19 pandemic.
"Unfortunately, far too often methods and tools are being employed that dont meet the security and control needs of an organization, particularly a large Non-Government Organization like the UN. Security should be viewed as way more than a checklist. The best solutions fit in a broader sense of governance but still make it easy to share files with anyone, without compromising users' security and control.
"The reality is that all content and communications are vulnerable without proper data governance, and it is imperative that organizations protect the data itself. This type of security incident occurs regularly, particularly in decentralized settings like the United Nations and the mission-critical systems they use to communicate with hundreds of global nation-states on a daily basis. If secure file collaboration tools with suspicious log-in capabilities are implemented correctly, they can render cybercriminals attacks ineffective. Used in a case like this where adversaries were able to infiltrate the network and grind activities to a halt, the systems themselves would have been inaccessible to outsiders, and the valuable data would have remained protected."
Danny Lopez, CEO of Glasswall, draws lessons about the necessity for taking better care of employees, especially during on- and off-boarding:
Attacks like these demonstrate that a traditional castle-and-moat approach to network security leaves organisations exposed. Zero trust security sees the world differently. No one is trusted by default, regardless of whether they are inside or outside a network. In a world where data can be held amongst multiple cloud providers it is crucial to strengthen all processes relating to access verification. Without a zero trust approach organisations run the risk of attackers having a free reign across a network once they are inside.
"Reports of a data breach at the UN are troubling, given the importance of the work being done by this organisation. There is speculation that the breach occurred due to UN credentials being traded online. Forensic analysis will most likely reveal more details in the coming days, but for now it's worth underlining the importance of good security practice.
"Organisations like the UN need to adopt robust processes for onboarding and offboarding employees and affiliates that may receive access to key information systems. It's vital to control privileged access and to monitor those that enjoy that administrator privilege. Ensuring that multi-factor authentication is enforced wherever possible, is a vital defence where user credentials find their way into the public domain. This will help to limit the blast radius, and in most cases, defeat the data breach.
"Even if all procedures and policies are well executed, then there's no escaping the fact that adversaries are constantly looking to probe vulnerabilities and to insert malware into the environment, often using everyday business documents which we all use. It's vital that organisations like the UN invest in cyber protection services that stay ahead of attackersby eliminating the threats while still allowing employees to do their vital work."
And Steve Moore, chief security strategist at Exabeam, notes that compromised credentials have become a pervasive problem for organizations of all kinds and sizes:
The United Nations' networks are home to a breadth of sensitive international relations and security data that, in the wrong hands, could put global government officials, citizens and even peace between nations at risk. The intergovernmental organization confirmed this week that its systems were compromised following credentials for internal software being found in criminal marketplaces.
"The UN is not alone. Comprised credentials are the reason for 61% of breaches today. To remediate incidents involving user credentials and respond to adversaries, organizations must move fast and consider an approach that is closely aligned with monitoring user behavior - to provide the necessary context needed to restore trust, and react in real time, to protect user accounts. This should include the ability to understand normal in your network, to detect, using behavioral characteristics, to identify when abnormal events have occurred.
California-based LifeLong Medical Care hasbegun notifyingmore than 115,000 individuals that their personal data (names, Social Security numbers, dates of birth, patient cardholder numbers, and information concerning both treatment and diagnosis) have been compromised. Another healthcare provider, Arizona-based Desert Wells Family Medicine, has recentlyinformed35,000 patients that their EHR data were compromised in a ransomware attack.
Sascha Fahrbach, Cybersecurity Evangelist atFudo Security, commented that the PII held by healthcare providers continues to be valuable, and hence an attractive target for cybercriminals:
"These latest attacks show that the healthcare industry, with its valuable PII, continues to be a tempting and lucrative target for hackers and insiders.There were more than 600 healthcare data breaches last year, with more than 22 million people affected, and unfortunately this trend shows no sign of slowing down. Healthcare operators need to reassess their security posture, as well as shifting their mindset, when it comes to safeguarding their data.
"In particular, third parties remain a security liability which needs to be urgently addressed. Many in the healthcare industry are not taking the proper steps to mitigate third-party remote access and third-party vendor risk.As seen with LifeLong Medical Care, this could expose organizations to data breaches, and the risk of costly non-compliance penalties.
"One of the key steps IT teams should take to protect their data is to evaluate the privilege access they are granting to their employees, partners and vendors, as privileged users are one of the most sought after targets by attackers.Taking a holistic approach, which includes a zero trust strategy and tools for monitoring and managing access,will greatly help mitigate these threats."
Read the rest here:
Revenant REvil. WhatsApp offers encryption. Hortum spyware in Turkey. Update on the UN data breach. Healthcare breaches disclosed. - The CyberWire
Secure cloud storage: which are the most secure providers? – ITProPortal
The best cloud storage platforms are designed to enable you to store files, data, and other information in a secure environment. Once youve created an account and uploaded your files to your chosen secure cloud storage platform, you will be able to access them from anywhere with an internet connection.
However, some services really dont perform well on the security front. In theory, your files may be encrypted and stored away from hackers and other malicious third parties, but things arent always as good as they seem.For example, many of the most popular platforms actually control your encryption keys, which essentially means that they can access your data if required.
They may be forced to do this by law enforcement, or hackers may cause a data breach resulting in leaked information.Fortunately, truly secure cloud storage solutions do exist. These generally use zero-knowledge encryption, which means that you have full control over who can view your files.
Versatile administrator controls are usually available, and all data is stored in highly secure, well-maintained data centers.For those looking for the best cloud storage for business, these elements are particularly important and key to have in place when it comes to your confidential, vital business data and information.
Below, we take a close look at the leading secure cloud storage platforms on the market today. We focus on encryption, data safety, and all-around security practices, alongside other noteworthy features.
1. IDrive: the best secure cloud storage providerIDriveoffers lots of storage for incredibly reasonable prices, end-to-end and at-rest encryption for files, and a private key that can be created to enable zero-knowledge encryption too. It supports unlimited devices, provides extensive file versioning, and other top features including data center security measures.View Deal
2. pCloud: a security leader in cloud storagepCloud provides encryption services across the board, not least via its pCloud Encryption add-on, which includes zero-knowledge architecture as well as client-side encryption. For business plans meanwhile, user and access controls are available, with the encryption add-on only $4.99 a month on top of subscriptions.View Deal
Our pick of the best secure cloud storage providers available is IDrive, thanks to its range of excellent secure storage solutions for individuals and businesses. Configurable storage and backups, alongside multi-device compatibility, are top features only enhanced by zero-knowledge and at-rest encryption on all files.
pCloud follows closely behind, its pCloud Encryption paid add-on providing advanced zero-knowledge and client-side encryption for an extra $4.99 a month, while business plans benefit from user and access controls as well as multi-device capabilities.
SpiderOak meanwhile is the leader in zero-knowledge, with advanced end-to-end encryption only adding to its zero-knowledge policy, which means the company and its staff cannot access any of your data or information. We also recommend that you consider Sync.com, Tresorit, MEGA, NordLocker, and IceDrive when considering which secure cloud storage solution might be right for you or your business.
Best configurable secure cloud storage
Automatic backups: Yes | Zero-knowledge encryption: Optional | At-rest encryption: Yes | Support: Phone, live chat, email, online form submission
Compatible with various devices
Uses full end-to-end encryption
Configurable backups
Support for unlimited devices
User interface can be a little confusing
Upload and download speeds are a little slow
IDrive is a leading cloud storage provider, and it offers excellent secure storage solutions for businesses of all sizes. Its known for its configurability, which essentially enables you to specify exactly how you would like files to be stored and how backups should work.
In addition, IDrive offers excellent multi-device compatibility. In fact, accounts can be used with unlimited devices, including on mobile and desktop. End-to-end and at-rest encryption is used throughout, and you can create a private key to enable zero-knowledge encryption.
All of IDrives data centers are located within the USA. They are designed with multiple failsafes, and they employ industry-standard security measures to prevent physical data breaches.
Theres a basic free plan with 5GB of storage, but you will need to upgrade to a premium subscription for full access to all tools and features. Prices start from $59.62 a year for a single user license with 5TB of storage.
It is worth noting that IDrive does have a few small flaws. Upload and download speeds can be slower than average. The user interface is also a little confusing, and you may find it hard to navigate at the beginning.
Find out more in our comprehensive IDrive review; across our comparison features pitting IDrive vs Backblaze and IDrive vs OneDrive; and in our interview with IDrive's CEO Raghu Kulkarni, who discusses its most important recent successes, the impact of COVID-19 on the sector, and the future.
Best overall secure cloud storage platform
Automatic backups: Yes | Zero-knowledge encryption: With add-on | At-rest encryption: Yes | Support: Email
Generous 10GB of free storage
Excellent file-sharing tools
Leading client-side encryption practices
Fast and easy to use
Support is a little basic
The free plan has limited tools
Zero-knowledge encryption is a premium add-on
Swiss-based pCloud is one of the worlds leading cloud storage providers. Its one of our top choices when it comes to secure cloud storage, and it should be easy to see why.
For starters, pCloud provides all of the expected encryption services across the board. Advanced zero-knowledge and client-side encryption is available through the pCloud Encryption add-on, which costs a relatively small $4.99 a month.
The cheapest business plans also offer excellent value for money. Prices start from just $9.99 per user a month for 1TB of storage per user. Admin team members will benefit from a suite of user and access controls, and there are numerous other tools available to streamline the cloud storage process.
In addition, pCloud offers excellent multi-device capabilities. Its available across all popular mobile and desktop operating systems, and its user interface is streamlined and intuitive across the board.
On the downside, collaboration tools are notably lacking. The free version is a little limited, and customer service is basic, at best.Learn more in our full pCloud review, and in our interview with the company's Ivan Dimitrov, who covers the company's future plans, its growth amid a larger industry, and the impacts of COVID-19.
Excellent zero-knowledge storage solutions
Automatic backups: Yes | Zero-knowledge encryption: Yes | At-rest encryption: Yes | Support: Email, live chat
Support for unlimited devices
Point-in-time recovery tools
Tight security all-around
Tidy desktop app
Quite expensive
Phone support is absent
Limited mobile support
SpiderOak offers advanced secure cloud storage solutions through its SpiderOak One product. This enables you to create full backups of all of your files and other data, storing it in a safe cloud environment.
Like most of the providers on this list, SpiderOak offers advanced end-to-end encryption. It has a strict No Knowledge policy, which means that the company and its employees will never have access to your files or any information associated with them. The point-in-time recovery tools are excellent, enabling you to restore previous versions of files or folders.
In addition, all plans come with support for unlimited devices. Prices are a little high, though, with the base 150GB plan costing $6 a month. Theres a 21-day free trial that you can use to test the platform.
Unfortunately, theres very limited mobile support. The desktop client is attractive and beginner-friendly, though, which is nice to see.Read our detailed SpiderOak review to find out more.
Advanced zero-knowledge encryption
Automatic backups: Yes | Zero-knowledge encryption: Yes | At-rest encryption: Yes | Support: Email
Excellent zero-knowledge encryption
Streamlined file sharing
Unlimited storage options
Support is limited to email
Few third-party integrations
Limited collaboration tools
Sync.com is a clear industry leader, and it focuses on data security and privacy across the board. Its known for its advanced end-to-end, zero-knowledge encryption, which basically means that no one will be able to access your data except for you.
The secure sharing tools on offer here stand out as excellent. You can set clear access permissions and control which users have what sort of access. For example, you can set permissions to read-only or read-write as necessary.
On the security front, Sync.com offers advanced two-factor authentication tools. Its compliant with regulations in various parts of the world, including the USA, Canada, and the EU. All data centers are highly secure and protected by tight controls.
Prices start from $5 per user, per month for 1TB of secure storage. Unlimited storage can be accessed for $15 per user a month. Theres also a free version that you can use to test the platform.
On the downside, theres only email support. In-app collaboration is limited, and theres only a small number of third-party integrations.To find out more, read our Sync.com review.
Versatile secure cloud storage for businesses of all sizes
Automatic backups: Yes | Zero-knowledge encryption: Yes | At-rest encryption: Yes | Support: Live chat, phone, email
Excellent encryption tools
Encrypted file sharing available
Real-time collaboration tools
Slow upload and download speeds
Expensive compared to some alternatives
Tresorit is known for its advanced cloud storage solutions which are backed by a suite of collaboration and other productivity features. It uses zero-knowledge end-to-end encryption across the board.
The secure file sharing tools also stand out as excellent, particularly for those dealing with sensitive data. All links are encrypted, and you can set clear access permissions to ensure files are only available to selected people.
In addition, Tresorit boasts full compliance with various regulatory bodies. Its fully HIPAA compliant, and its Swiss roots enable it to offer leading privacy features.
The collaboration tools also stand out as excellent. You can work alongside other team members to edit files. All changes will be tracked, and you can mark files that youre working on as editing to notify your colleagues.
Some users will be concerned by the slow download and upload speeds, though, which are somewhat lower than we would expect with a leading cloud storage provider. Prices are also a little high, with the cheapest plan starting at $14.50 per user a month for 1TB of storage.
Our full Tresorit review covers the service in more detail.
Mega has a great free forever plan
Automatic backups: Yes | Zero-knowledge encryption: Yes | At-rest encryption: Yes | Support: Email
Very competitively priced
Great free forever plan
Tidy user interface
Built-in team messaging tools
Slow upload and download
Limited support options
Few third-party app integrations
MEGA is our clear choice for those looking for a free secure cloud storage platform. It offers 20GB of storage with its free forever plan, which is backed by a full range of premium tools.
As expected, all files are protected by zero-knowledge end-to-end encryption. Two-factor authentication is available, and you can set clear link permissions to ensure only the right people can access shared files.
On top of this, the MEGA user interface is tidy and packed full of advanced features. The collaboration tools are excellent, enabling you to work alongside your colleagues and other team members. Theres a built-in secure chat tool, and theres even a MEGAdrop tool that enables third parties to upload files to your cloud.
The lack of support options will be a little concerning for some, as will the limited number of third-party app integrations. Upload and download speeds are also a little slow.Learn more in our full MEGA review.
Competitively priced secure cloud storage
See the original post here:
Secure cloud storage: which are the most secure providers? - ITProPortal