Police tricks DeadBolt ransomware out of 155 decryption keys
The Dutch National Police, in collaboration with cybersecurity firm Responders.NU, obtained 155 decryption keys from the DeadBolt ransomware gang by faking ransom payments. [...]
Stay secure with the latest encryption news, trends, and best practices in information security. Protect your data with cutting-edge cryptography.
Search across headline titles and summaries.
Background for this topic.
Encryption transforms readable data into ciphertext using an algorithm and a key, so someone who obtains the ciphertext cannot normally understand it without the required key. It protects confidentiality for data in transit, such as traffic between services, and at rest, such as files, databases, and backups. Encryption does not by itself prove who sent data, prevent tampering, or protect plaintext displayed on a compromised endpoint.
Its security therefore depends on implementation and key management. Attackers may target stolen, exposed, or overprivileged keys, weak algorithms or protocols, poor randomness, and systems that decrypt data unnecessarily. Use modern, authenticated encryption where appropriate; protect keys separately from encrypted data with tightly limited access, rotation and revocation procedures, and monitored use. Verify that encryption covers relevant backups and internal service links, while recognizing that lost keys can make recovery impossible and that encrypted traffic may still reveal metadata such as timing or endpoints.
The Dutch National Police, in collaboration with cybersecurity firm Responders.NU, obtained 155 decryption keys from the DeadBolt ransomware gang by faking ransom payments. [...]
Redmond says OME is really for content misuse rather than security Microsoft Office 365 Message Encryption claims to offer a way "to send and receive encrypted email messages between people inside and outside your organization."…
How 2022 is your encryption?
The default email encryption used in Microsoft Office's cloud version is leaky, which the company acknowledged but said it wouldn't fix.
Security researchers at WithSecure have discovered it's possible to partially or fully infer the contents of encrypted messages sent through Microsoft Office 365, highlighting an intrinsic weakness in the encryption scheme used. [...]
Security expert challenges claim that bypassing encryption is essential to protecting kids Exclusive Laws in the UK and Europe have been proposed that would give authorities the power to undermine strong end-to-end encryption in the pursuit of, in their minds, justice.…