All news with #encryption in transit tag

Understanding Cookie Types and How to Protect Them

🔒 This article explains how web cookies work, their classifications, and why session IDs are particularly valuable to attackers. It outlines common attack methods — including session sniffing over HTTP, cross‑site scripting (XSS), cross‑site request forgery (CSRF), and predictable session IDs — and describes specialized tracking like supercookies and evercookies. Practical advice for users and developers covers HTTPS, browser updates, cookie management, two‑factor authentication, cautious use of public Wi‑Fi, and preferring essential cookies only.

Mitsubishi MELSEC iQ-F CPU Module: Cleartext Credentials

🔒 Mitsubishi Electric disclosed a MELSEC iQ-F Series CPU module vulnerability (CVE-2025-7731) that transmits sensitive authentication data in cleartext over SLMP, enabling remote attackers to intercept credentials and read or write device values or halt program execution. Assigned CVSS v4 8.7 and described as remotely exploitable with low attack complexity, the issue affects many FX5U/FX5UC/FX5UJ/FX5S variants — Mitsubishi reports no planned patch. Mitsubishi and CISA recommend mitigations such as encrypting SLMP traffic with a VPN, restricting LAN access, isolating control networks behind firewalls, and following ICS hardening best practices.

UNWG Releases Video Series on P25 LMR Encryption Importance

🔐 The Joint SAFECOM–NCSWIC Project 25 (P25) User Needs Working Group (UNWG) has published a video series highlighting the importance of P25 land mobile radio (LMR) encryption for national security and first responder communications. The series explains three types of P25 protections — link layer authentication, link layer encryption, and voice traffic encryption — and why each matters. Another installment outlines UNWG’s role in preserving interoperability and encourages public safety stakeholder engagement.

PAN-OS 12.1 Orion: Quantum-Ready Multicloud Security

🔐 PAN-OS 12.1 Orion delivers a framework for quantum-ready and multicloud security, combining automated asset discovery, continuous risk assessment and centralized management via Strata Cloud Manager. It introduces an industry-first cipher translation to make legacy applications quantum-safe, plus quantum-optimized fifth-generation NGFW hardware for high-scale PQC inspection. The release also expands AI-driven detections and one-click deployment across AWS/Azure/GCP.

Palo Alto Networks' Quantum Security and PQC Tools

🔒 Palo Alto Networks announced a portfolio of quantum security innovations in PAN-OS 12.1 Orion and new fifth‑generation NGFWs to help organizations accelerate quantum readiness. The company introduces a Cryptographic Inventory in Strata Cloud Manager to identify and remediate weak or vulnerable cryptography. It delivers PQC support for NIST and prestandard algorithms and hybrid classical/post‑quantum options for VPNs and TLS. A new cipher translation proxy preserves legacy systems while migration proceeds, and Palo Alto Networks is advancing QRNG and QKD standards through industry initiatives.

Malware Analysis on AWS: Building Secure Isolated Sandboxes

🔒 This AWS blog explains how security teams can run malware analysis in the cloud while complying with AWS policies and minimizing risk. It recommends an architecture that uses an isolated VPC with no internet egress, ephemeral EC2 detonation hosts accessed via AWS Systems Manager Session Manager, and secure S3 storage via VPC gateway endpoints with encryption. The post emphasizes strong IAM and SCP guardrails, immutable hosts, automated teardown, centralized logging, and monitoring with CloudTrail and GuardDuty to maintain visibility and lifecycle control.

Secure File Sharing in AWS: Security and Cost Guide

🔒 This second part of the guide examines three AWS file‑sharing mechanisms — CloudFront signed URLs, an Amazon VPC endpoint service backed by a custom application, and S3 Access Points — contrasting their security, cost, protocol, and operational trade‑offs. It highlights CloudFront’s edge caching and WAF/Shield integration for low‑latency public delivery, PrivateLink for fully private TCP connectivity, and Access Points for scalable IAM‑based S3 access control. The post emphasizes choosing or combining solutions based on access patterns, compliance, and budget.

Chrome on Android: Advanced Protection Enhancements

🔒 Android's Advanced Protection extends Google's device-level security and integrates with Chrome on Android, enabling three core protections to guard high-risk users such as journalists and officials. It forces HTTPS via the Always Use Secure Connections mode, turns on full Site Isolation for devices with 4GB+ RAM, and reduces attack surface by disabling V8's higher-level JavaScript optimizers. Settings are available on Android 16 in Chrome 137+, and enterprises can control behaviors via policies while affected users should enable automatic updates and join the Advanced Protection Program for maximum defense. These measures trade some performance for stronger exploitation resistance.

Chrome to Remove Default Trust for Two Root CAs from Store

🛡️ Chrome will stop trusting new TLS server certificates chaining to roots owned by Chunghwa Telecom and NetLock when the certificate's earliest Signed Certificate Timestamp (SCT) is dated after July 31, 2025. The change, effective in Chrome 139+ on Windows, macOS, ChromeOS, Android and Linux (not iOS), begins around August 1, 2025 and will show an interstitial for affected sites. Site operators should replace impacted certificates before expiry or use enterprise policies to add local trust to avoid user disruption.

Cost of Quantum Factoring for RSA: Updated Estimates

🧮 Google Quantum AI authors report that a future quantum computer with roughly one million noisy qubits running for about a week could theoretically factor a 2048-bit RSA key — a roughly 20× reduction in qubit requirements compared to their 2019 estimate. The improvement reflects both algorithmic advances (including approximate modular exponentiation and lower operation overhead) and error-correction gains. The post stresses the urgency of migrating to post-quantum cryptography (PQC) per NIST guidance, highlights deployment steps already taken in Chrome and Cloud KMS previews, and warns of “store now, decrypt later” risks for long-lived keys.

SAFECOM Fall 2024 Bi-Annual Meeting Executive Summary

📢 SAFECOM convened its Fall 2024 Bi‑Annual Meeting on November 19–20, 2024, in Cape Coral, Florida, bringing members and invited guests together for plenary and breakout sessions. Highlights included presentation of the Marilyn J. Praisner Leadership Award to Mr. Michael Murphy, an interactive exercise on Primary, Alternate, Contingency, and Emergency (PACE) plans, and briefings on Hurricane Helene response and federal grant navigation. Technical and policy discussions addressed mobile device "SOS only" features, FirstNet Authority initiatives, counter-jamming research, high frequency operations, and encryption use, while committees advanced governance, education, funding, and incident communications priorities.

VirusTotal IP Address Change and TLS Provider Update

🔔 VirusTotal is changing the IP address for www.virustotal.com from 74.125.34.46 to 34.54.88.138, with a gradual rollout beginning on November 25. If you currently whitelist or have hardcoded the previous IP in firewalls or proxies, update your rules to include the new address to avoid service interruptions. We are also replacing our DigiCert wildcard TLS certificate with a Google Trust Services single-host certificate—update any certificate signer or subject validations accordingly. Note that the Big Files upload flow returns URLs on bigfiles.virustotal.com, which is served via a ghs.googlehosted.com load balancer using dynamic IP resolution; ensure your controls permit DNS-based resolution for those endpoints.