Plenty has been speculated since the Snowden documents were made public about the NSA’s interest in building a quantum computer that could break current encryption securing communication worldwide. Quantum computing on a practical scale is a distant goal, but some do exist that leverage some aspects of quantum physics and small numbers of quantum bits....

Facebook today began a test program rolling out opt-in end-to-end encryption for its Messenger service called Secret Conversations. The end-to-end encryption is based on the Signal protocol developed by Open Whisper Systems, the same protocol that stands up the crypto in the Signal and WhatsApp messaging applications. The Facebook version of the encryption service is...

Facebook today began a test program rolling out opt-in end-to-end encryption for its Messenger service called Secret Conversations. The end-to-end encryption is based on the Signal protocol developed by Open Whisper Systems, the same protocol that stands up the crypto in the Signal and WhatsApp messaging applications. The Facebook version of the encryption service is...

Mike Mimoso, Tom Spring and Chris Brook discuss the news of the week, including all things Android: the crypto weakness, the full disk encryption bypass, and new malware, Hummingbad, which impacts the mobile operating system. The three also discuss the TP-Link router fiasco. Download: Threatpost_News_Wrap_July_8_2016.mp3 Music by Chris Gonsalves

The default implementation for KeyStore, the system in Android designed to store user credentials and cryptographic keys, is broken, researchers say. In a an academic paper published this week, researchers argue that the particular encryption scheme that KeyStore uses fails to protect the integrity of keys and could be exploited to allow an attacker to modify...

A flaw in chipmaker Qualcomm’s mobile processor, used in 60 percent of Android mobiles, allows attackers to crack full disk encryption on the device. Only 10 percent of Android devices running Qualcomm processors are not vulnerable to this type of attack. Researchers at Duo Labs said the vulnerability is tied to Android’s problem-plagued mediaserver component coupled with...

Ransomware called Zepto is raising concerns with security experts because of its close ties to the more mature and prolific Locky ransomware. Zepto was spotted about a month ago, but a recent wave of spam containing Zepto-laced attachments detected on June 27 is heightening fears of widespread infections. “We are watching Zepto very carefully. It’s...

Last week Apple cleared the air as to whether or not it intentionally released an unencrypted version of its iOS 10 beta kernel to the developer community, stating the move was intentional. “The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,”...

Crooks behind the fast spreading CryptXXX ransomware updated the latest variant with better encryption technology and new methods to evade detection by researchers. This latest version of CryptXXX was spotted by researchers at SetinelOne that say the new updated sample has already earned ransomers approximately $50,000 in bitcoin payouts in the last 17 days. The...

The notorious Necurs botnet is back in business, after mysteriously going dark for nearly a month. Researchers report the Necurs has returned to spewing massive volumes of email containing an improved version of the potent Locky ransomware and the Dridex banking Trojan. According to Proofpoint which has been tracking Necurs, criminals behind the botnet began...