Google has announced that it is open sourcing a transpiler for Fully Homomorphic Encryption (FHE). According to the company, FHE will allow developers to work on encrypted data without being able to access personally identifiable information. FHE allows encrypted data to be transported across the Internet to a server and get processed without being decrypted. … continue reading
The new protections Defending Your Data include a contractual commitment to challenge government requests for data as well as a monetary commitment. These protections come after a ruling earlier this year from the Court of Justice for the European examining transfers of data from the EU as well as union and draft recommendations issued … continue reading
Top law enforcement officials are urging Facebook to stop its privacy initiative. In an open letter to Facebook, government officials from the United States, United Kingdom and Australia told Facebook it should not proceed with its plans without “including a means for lawful access to the content of communications to protect our citizens.” It also … continue reading
From providing a simple and low-cost entry system for public transport, to facilitating peer-to-peer payments between two unconnected parties, using sound to transfer data can bring unique benefits to many different applications. Although the usability benefits and time-saving capabilities of acoustic data transmission are well-understood, the security implications of data-over-sound are lesser known. On one … continue reading
Google has announced the open-source availability of its Private Join and Compute project. Private Join and Compute is a type of secure multi-party computation designed to help organizations work with confidential data sets. The project is a part of the company’s mission to help organizations do more with data while keeping users’ data as safe … continue reading
In the aftermath of Google Project Zero’s security exploits, Intel has announced that the company will work closely with their partners with a shared goal of restoring confidence in the security of the customers’ data as quickly as possible. Last week, it was revealed one of the vulnerabilties, Meltdown, was found on Intel processors, and … continue reading
HashiCorp released HashiCorp Vault 0.8 with updates to both the open source and enterprise versions, including new plugins, disaster recovery, mount filtered replication capabilities, and multi-factor authentication (MFA). “The previous release of Vault Enterprise introduced multi-datacenter replication, which has enabled many of our enterprise customers to adopt or expand their usage of Vault. The new release … continue reading
With its latest mainframe, IBM is taking on the challenges with encrypting data associated with applications, cloud services and databases. IBM today unveiled its new transaction system, IBM Z, which introduces what IBM considers to be a “breakthrough” for encryption engines. According to IBM, there is a major global epidemic of data breaches, where more … continue reading
My team in the Threat Research Center at WhiteHat Security specializes in mobile application business logic assessments, which is a hands-on penetration test of both mobile client-side apps and the business logic that can be used to circumvent the security built into the program. In a rapid application development environment, it’s a best practice (and … continue reading
DBmaestro is adding a DevSecOps comment to its DevOps solution. DevSecOps is a new philosophy that integrates security into the life cycle. According to the company, this maximizes risk management, threat prevention, flexibility, speed, and time to market. The Policy Control Manager is designed to eliminate risks, and reduce downtime and loss of data. “DBmaestro … continue reading
Microsoft’s TypeScript team presented the latest release of TypeScript 2.2 this week, with new features and quick fixes to improve the TypeScript experience. With TypeScript 2.2 comes more improvements to the editor, including code actions, which can guide developers in fixing up errors. This includes adding missing imports, adding missing properties, and removing unused declarations. … continue reading
Progress has open-sourced its Progress Telerik UI for Universal Windows Platform, which is a set of native UI controls for building Windows apps. With this announcement, Progress also revealed it is donating to the .NET Foundation to help it with open development in the .NET ecosystem. “With this donation, we are extending our commitment to … continue reading
