Skip to main content
banner image
venafi logo

Encryption Stories that Caught our Eye This Week [Encryption Digest 3]

Encryption Stories that Caught our Eye This Week [Encryption Digest 3]

encryption news
May 3, 2019 | Katrina Dobieski

Here are the encryption stories that we’re looking at this week. In this edition, read about encryption challenges for IoT, European Union backlash against backdoors and the ripple effect of the ShadowHammer attack.


Trouble is Spelled with a Capital “P2P”

Imagine buying a home-security camera with the capability to punch through firewalls and share your data with millions of other connected devices, peer-to-peer. Imagine your baby monitor connected to a worldwide network of other shared devices all homing in to the same Chinese based manufacturing mothership. Imagine the outdated code is replete with stale vulnerabilities that expose it to remote compromise from any P2-peer that can connect.


For a nominal fee, you can buy an unencrypted IoT device requiring zero authentication and fully functional with the scan of a barcode. The only thing more ear-catching than that is finding out how many have already been sold. Read the full article.


Read related articles


The Right to Remain Private: Europe Resists Encryption Backdoors

Taking a page from Australia’s book, the FBI is pushing to have near-unlimited access to consumer and corporate encrypted communications, chasing cybercrime down its own dark alleys. “It can’t be a sustainable end state for there to be an entirely unfettered space that’s utterly beyond law enforcement for criminals to hide,” argues FBI director Christopher Wray at RSA last month. While intended to shine a light, privacy advocates fear government mandated encryption backdoors will backfire, becoming state-sanctioned snooping on one of the last free frontiers of privately-encoded messaging.


Europe backs the pedestrian’s right of way, acknowledging “if we respect privacy, then encryption is the main key to security in the IT world,” according to Yves Vandermeer, chair of the European Cybercrime Training and Education Group (ECTEG). However, he does concede the “need to address the [encryption] challenge in other ways.” Read the full article.


Read related articles

Victims Rise in ShadowHammer Attack

Kaspersky confirmed that at least six other firms fell victim to what is now seen as a trojan attack. ShadowHammer struck a blow to ASUS earlier this year as the malware took down its systems from the inside, hidden in its machines in a wide-sweeping supply-chain attack. While unfortunate, the fact that several Asian gaming corporations got similarly “pwned” adds some consolation to the Taiwanese electronics giant.


Some digging reveals the malware was signed with valid certificates, not surprising given that this is an increasing trend in dark cyber. So what’s the answer for laptop makers, gamers and all of us who rely on the validity of their supply chains? Read the full article


Read related articles

Like this blog? We think you will love this.
Featured Blog

With Rapid Rise in Funds Stolen from DeFi Protocols, Private Keys in Play

Massive heist begins with

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Katrina Dobieski
Katrina Dobieski

Katrina writes for Venafi's blog and helps optimize Venafi's online presence to advance awareness of Machine Identity Protection.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more