encryption
Major browser makers synchronize end of support for RC4
Mozilla, Google and Microsoft have come to an agreement: support for the increasingly vulnerable RC4 cryptographic cypher in the companies’ browsers will end in early …
How Linux Foundation sysadmins secure their workstations
Sysadmins around the world have been provided with another helpful guide on how to go about hardening their Linux workstations, as Konstantin Ryabitsev, Director of …
OpenSSH 7.0 deprecates weak, legacy and unsafe cryptography
OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, it provides secure tunneling …
Severe deserialization vulnerabilities found in Android and third-party Android SDKs
Closely behind the discoveries of the Stagefright flaw, the hole in Android’s mediaserver service that can put devices into a coma, and the Certifi-gate bug, comes that …
NIST releases SHA-3 cryptographic hash standard
The National Institute of Standards and Technology (NIST) has released the final version of its “Secure Hash Algorithm-3” standard, a next-generation tool for …
Open source tool for deploying SSL public key pinning in iOS, OS X apps
At Black Hat USA 2015, Data Theorem and Yahoo! will be unveiling TrustKit, a new, open source security toolkit that helps developers easily include complex mobile security …
Quantum-powered RNG supplies pure entropy to crypto systems
Whitewood Encryption Systems has created Entropy Engine, a cost-effective, quantum-powered random number generator.The Entropy Engine employs quantum mechanics to solve the …
Researchers devise passive attacks for identifying Tor hidden services
A group of MIT researchers have devised two attacks that could identify, with a high degree of certainty (88%), an anonymous hidden service or client.Hidden services are …
Cloud encryption and tokenization trends in financial services
The adoption of the cloud continues to grow rapidly with Gartner forecasting $282 billion in spending by 2018.“As financial services adopt the cloud, strict compliance …
OpenSSH bug enables attackers to brute-force their way into poorly configured servers
A vulnerability in the popular secure remote access software OpenSSH can be exploited by attackers to try to brute-force their way into the connection and access …
Hardware encryption market revenue to reach $36.4 billion by end of 2015
There are a variety of ways to secure data, either on the perimeter or within the LAN, but the most fundamental method in a defense-in-depth model is hardware encryption. The …
Is this the death knell for the RC4 encryption algorithm?
It has been known for quite some time that the RC4 cryptographic cypher – used in popular Internet protocols such as TLS and HTTPS – is vulnerable to attack, but …