In response to public concerns about cryptographic security, the National Institute of Standards and Technology (NIST) has formally revised its recommended methods for generating random numbers, a crucial element in protecting private messages and other types of electronic data.
While the Tor anonymity network conceals (relatively successfully) a user's location and Internet activity from anyone who might want to know about it, users should be aware of the fact that it does not offer end-to-end encryption, and any traffic that is not encrypted before it enters Tor can be seen and perused by those operating exit nodes.
Cisco has pushed out security updates to address two vulnerabilities in its Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Content Security Management Virtual Appliance (SMAv) software.
Using encryption to protect mobile traffic and especially the exchange of credentials between the user and company servers should be a must in this day and age.
Let's Encrypt, a non-profit certificate authority (CA) set up by the Electronic Frontier Foundation, Mozilla, Cisco, Akamai, IdenTrust, and researchers at the University of Michigan, is finally ready to issue its first certificate, scheduled for next week.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.