encryption
OpenSSH 7.0 deprecates weak, legacy and unsafe cryptography
OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, it provides secure tunneling …
Severe deserialization vulnerabilities found in Android and third-party Android SDKs
Closely behind the discoveries of the Stagefright flaw, the hole in Android’s mediaserver service that can put devices into a coma, and the Certifi-gate bug, comes that …
NIST releases SHA-3 cryptographic hash standard
The National Institute of Standards and Technology (NIST) has released the final version of its “Secure Hash Algorithm-3” standard, a next-generation tool for …
Open source tool for deploying SSL public key pinning in iOS, OS X apps
At Black Hat USA 2015, Data Theorem and Yahoo! will be unveiling TrustKit, a new, open source security toolkit that helps developers easily include complex mobile security …
Quantum-powered RNG supplies pure entropy to crypto systems
Whitewood Encryption Systems has created Entropy Engine, a cost-effective, quantum-powered random number generator.The Entropy Engine employs quantum mechanics to solve the …
Researchers devise passive attacks for identifying Tor hidden services
A group of MIT researchers have devised two attacks that could identify, with a high degree of certainty (88%), an anonymous hidden service or client.Hidden services are …
Cloud encryption and tokenization trends in financial services
The adoption of the cloud continues to grow rapidly with Gartner forecasting $282 billion in spending by 2018.“As financial services adopt the cloud, strict compliance …
OpenSSH bug enables attackers to brute-force their way into poorly configured servers
A vulnerability in the popular secure remote access software OpenSSH can be exploited by attackers to try to brute-force their way into the connection and access …
Hardware encryption market revenue to reach $36.4 billion by end of 2015
There are a variety of ways to secure data, either on the perimeter or within the LAN, but the most fundamental method in a defense-in-depth model is hardware encryption. The …
Is this the death knell for the RC4 encryption algorithm?
It has been known for quite some time that the RC4 cryptographic cypher – used in popular Internet protocols such as TLS and HTTPS – is vulnerable to attack, but …
TeslaCrypt 2.0 makes it impossible to decrypt affected files
“Kaspersky Lab has detected curious behavior in a new threat from the TeslaCrypt ransomware encryptor family. In version 2.0 of the Trojan notorious for infecting …
Mobile SSL failures: More common than they should be
Securing your mobile application traffic is apparently more difficult than it should be, as researchers Anthony Trummer and Tushar Dalvi discovered when looking into SSL/TLS …
Featured news
Resources
Don't miss
- Another remotely exploitable Oracle EBS vulnerability requires your attention (CVE-2025-61884)
- Apple offers $2 million for zero-click exploit chains
- Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)
- October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
- From theory to training: Lessons in making NICE usable