Security | Threat Detection | Cyberattacks | DevSecOps | Compliance



Encrypting files and emails: A beginner's guide to securing sensitive information

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In today's digital age, sensitive information is constantly being shared and transmitted over various electronic devices and networks.


RSA Algorithm in Cryptography: Rivest Shamir Adleman Explained

RSA is a popular and secure cryptographic algorithm that encrypts and decrypts data. It provides a secure method for transmitting sensitive data over the Internet. While RSA has some vulnerabilities, it is still utilized for various applications, like digital signatures to authenticate the source of a message. This article describes RSA, how it works, and its major applications. It also explains the security vulnerabilities of RSA and how to mitigate them.


FIPS 140-2 Encryption for Mobile App Security

Data security is crucial to creating mobile apps, and businesses that create or handle sensitive data must adhere to the Federal Information Processing Standards (FIPS). Data is encrypted before it leaves the mobile device and is decoded in a safe environment thanks to the FIPS 140-2 encryption standard. In this article, we will take a look at the standards and best practices for FIPS 140-2 encryption compliance, covering the fundamentals of ensuring a safe mobile app.


Data Encryption At Rest vs In Motion in Microsoft 365

Data is the most important resource that a company possesses. Any data loss event can be extremely disruptive, with serious consequences including regulatory fines, major revenue loss, and reputational damage. Data encryption is crucial for any organizations that deal with sensitive data including customer and employee information, payment details, company financials, M&A documents, government and defense data, and more.


White Phoenix: Beating Intermittent Encryption

Recently, a new trend has emerged in the world of ransomware: intermittent encryption, the partial encryption of targeted files. Many ransomware groups, such as BlackCat and Play, have adopted this approach. However, intermittent encryption is flawed. In this blog post, I will introduce White Phoenix, a tool my team built that takes advantage of the fact that those files aren’t entirely encrypted and can, in the right circumstances, salvage some content from the unencrypted parts of the files.


EP 24 - Making the Leap to Post-Quantum Computing Encryption

Quantum computing is coming and it has the potential to be both exciting and terrifying… On today’s episode of Trust Issues, host David Puner speaks with cryptographer Dr. Erez Waisbard, CyberArk’s Technology and Research Lead, about quantum computing innovation and its cybersecurity implications – from data encryption to surveillance and privacy. Dr.


Keeper - The Only Enterprise Password Manager to Use Elliptic Curve Cryptography

Keeper’s Enterprise Password Manager is the only solution that uses Elliptic Curve Cryptography (ECC) in its encryption, making it the most secure password management solution available. ECC is a public-key cryptography method based on the mathematics of elliptic curves. First proposed in 1985, it recently rose to prominence with modern cryptography as it provides a higher level of security compared to traditional encryption methods, such as RSA.

Cryptography Explained: Encryption vs. Tokenization vs. Hashing

Cryptography is the art of disguising data to keep it secure. I’m intentionally calling it an art because, when implemented correctly, it does a beautiful job of protecting valuable information. The alternative is to store data in plaintext – a reckless and negligent strategy. Take, for example, the time Marriott exposed 5 million unencrypted passport numbers. In this blog, I’ll decipher three pillars of cryptography and explain how each one helps you keep customer data safe.


The Triple DES Intro: Triple Data Encryption Standard

Triple Data Encryption Standard (Triple DES) is a symmetric block cipher-based cryptography standard that uses fixed length keys with three passes of the DES algorithm. As a symmetric cryptographic scheme, DES implementations rely on the same secret keys shared between the sender and the recipient. As we’ll see later, Triple DES was developed as a way to prevent man in the middle attacks. Let’s take a look at Triple DES — and we’ll start first with DES.


Elliptic Curve Cryptography: An Introduction

The mathematical properties and concepts of elliptic curves are used in asymmetric key exchange cryptography schemes. Common applications include: In this article, we’ll take a deep dive into elliptic curve cryptography. We aim to take a digestible, slightly less academic look that still thoroughly explains this technical topic. For something a little lighter, explore our introduction to cryptography.