Stay secure with the latest encryption news, trends, and best practices in information security. Protect your data with cutting-edge cryptography.
Search across headline titles and summaries.
Background for this topic.
Encryption is the process of converting information or data into a code, especially to prevent unauthorized access. In the context of information security, encryption acts as a critical line of defense in protecting sensitive data both in transit and at rest.
By using algorithms and cryptographic keys, encryption obscures data so that it is unintelligible to anyone who does not have the corresponding decrypting key. This ensures that even if data is intercepted or accessed by malicious actors, the contents remain confidential and unusable.
Modern encryption is applied across various domains including secure communications, financial transactions, password management, and more. Its significance in cybersecurity cannot be overstated, as it enables the secure exchange of information in an increasingly digital world, keeping personal, corporate, and government data safe from cyber threats.
Weekly headline count for the current query.
Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party
A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a self-propagating worm
Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by affiliates of Storm-2697 that combines per-file ephemeral key encryption with an aggressive self-propagation module to deploy itself across an entire network using series of simultaneous lateral movement techniques per target. The post The Gentlemen ransomware: Dissecting a self-propagating Go encryptor appeared first on Microsoft Security Blog.
Fraudsters Tokenize Stolen Cards Into Attacker WalletsGoogle Threat Intelligence Group warned that Chinese-language phishing-as-a-service platforms are using AI, encrypted messaging and real-time OTP interception to bypass multifactor authentication and provision stolen payment cards into attacker-controlled digital wallets worldwide.
Company Pushes Key Rotation After 3,800 Repositories CompromisedHacked code repository GitHub warned administrators of self-hosted git servers to rotate public encryption keys following a May 18 incident involving a poisoned VS Code extension used by an employee. GitHub CISO Alexis Wales in a Tuesday update said the repository is rotating all keys.
The release includes implementations of two quantum-secure algorithms and demonstrates how formal verification caught bugs that traditional testing would have missed. The post Apple open-sources quantum-resistant encryption code appeared first on CyberScoop.
Discord announced that all voice and video calls through the communication platform are now protected by default with end-to-end encryption (E2EE). [...]
West Pharmaceutical Services disclosed that it was the target of a cyberattack that resulted in data exfiltration and system encryption. [...]
Survey of cybersecurity leaders suggests that majority would strongly consider paying cybercriminals, if that’s what it took to help restore encrypted systems
Apple begins rolling out end-to-end encrypted RCS messaging between iPhone and Android in iOS 26.5
After years of stopping dead at the green bubble border, iPhone and Android users can finally send E2EE messages without relying on third-party apps
Apple on Monday officially released iOS 26.5 with support for end-to-end encryption (E2EE) to Rich Communication Services (RCS) in beta as part of a "cross-industry effort" to replace traditional SMS with a more secure alternative
After years of insisting end-to-end encryption was the future of online comms, Zuckcorp has handed itself full visibility into user chats once again
Authors of the VoidStealer Trojan uncovered yet another way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers.
Backups don't fail because they're missing, they fail because attackers destroy them first. Acronis explains how ransomware targets backup systems before encryption, leaving no path to recovery. [...]
Governments Have Long Warned About Kremlin Social Engineering HacksSignal is defending the security of its systems following a series of phishing attacks that took place on the encrypted messaging platform, and that reportedly compromised members of the German government including the president of the country's parliament.
Researchers are warning that the VECT 2.0 ransomware has a problem in the way it handles encryption nonces that leads to permanently destroying larger files rather than encrypt them. [...]
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across Windows, Linux, and ESXi variants that renders recovery impossible even for the threat actors
A new Kyber ransomware operation is targeting Windows systems and VMware ESXi endpoints in recent attacks, with one variant implementing Kyber1024 post-quantum encryption. [...]
France Invokes Geopolitical Instability to Mandate 2030 DeadlineA working quantum computer is probably at least a decade away. The rush to adopt encryption algorithms that can withstand the onslaught of a qubit attack has already begun, with European countries feeling variable levels of urgency. "Sooner is better in principle," an analyst said.