SSL keys | Breaking Cybersecurity News | The Hacker News

In the wake of a hoax bomb threat, all public schools in Los Angeles were closed for a day last week, and now German authorities have seized an encrypted email server. But, Does that make sense? In a video statement posted on Monday, the administrator of Cock.li – an anonymous email provider service – said German authorities had seized a hard drive from one of its servers that used to host the service in a Bavarian data center. The email provider was thought to have been used last week to send bomb threatening emails to several school districts across the United States, resulting in the closure of all schools in the Los Angeles Unified School District. Despite The New York City Department of Education dismissed the e-mail as an obvious hoax, German authorities seized a hard drive that, according to the service admin, actually holds "all data" on the company. According to the service administrator Vincent Canfield, "SSL keys and private keys and f...

Yet another American Internet privacy service has bitten the dust, prompted by fears about broad government surveillance demands. CryptoSeal, a Virtual private network (VPN) based in California has decided to shutter its privacy-conscious service rather than hand over its encryption keys to the U.S. Government. VPNs are secure tunnels to the Internet that allow users to mask their location, defeat regional restrictions, stay safe over public Wi-Fi connections, and maintain at least a modicum of privacy online. CryptoSeal is the latest company to voluntarily shut down its service after the U.S. Government's legal action against Lavabit, an email service used by former NSA contractor Edward Snowden. " With immediate effect as of this notice, CryptoSeal Privacy, our consumer VPN service, is terminated, " a notice reads on the company's website. " All cryptographic keys used in the operation of the service have been zerofilled...all records created incidental ...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Though Apple claims iMessage has end-to-end encryption, But researchers claimed at a security conference that Apple's iMessage system is not protected and the company can easily access it. Cyril Cattiaux - better known as pod2g, who has developed iOS jailbreak software, said that the company's claim about iMessage protection by unbreakable encryption is just a lie, because the weakness is in the key infrastructure as it is controlled by Apple: they can change a key anytime they want, thus read the content of our iMessages . Basically, when you send  an   iMessage to someone, you grab their public key from Apple, and encrypt your message using that public key. On the other end, recipients have their own private key that they use to decrypt this message. A third-party won't be able to see the actual message unless they have access to the private key. Trust and public keys always have a problem, but the  researchers noted that there's ...

During the summer, The Secure email provider 'Lavabit' and preferred service for PRISM leaker  Edward Snowden  decided to shut down after 10 years to avoid being complicit in crimes against the American people. The U.S. Government obtained a secret court order demanding private SSL key from Lavabit, which would have allowed the FBI to wiretap the service's users, according to Wired . Ladar Levison, 32, has spent ten years building encrypted email service Lavabit , attracting over 410,000 users. When NSA whistleblower Edward Snowden was revealed to be one of those users in July, Ladar received the court orders to comply, intended to trace the Internet IP address of a particular Lavabit user, but he refused to do so. The offenses under investigation are listed as violations of the Espionage Act and Founder was ordered to record and provide the connection information on one of its users every time that user logged in to check his e-mail. The Governm...