Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
OpenSSH 5.9 released

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. It encrypts all traffic (including passwords) to …

Iranian users were the ultimate target in DigiNotar compromise

If you needed a confirmation of Google’s claims that the rogue SSL issued by DigiNotar for *.google.com domains was used mainly to mount man-in-the-middle attacks …

Rogue SSL certs were also issued for CIA, MI6, Mossad

The number of rogue SSL certificates issued by Dutch CA DigiNotar has ballooned from one to a couple dozen to over 250 to 531 in just a few days. As Jacob Appelbaum of the Tor …

Mozilla, Tor Project, Yahoo targeted through DigiNotar attack

Following the admission that the rogue SSL certificate that allowed attackers to impersonate Google was missed by auditors and that several dozen other certificates were …

Cloud security platform for LAMP stack

Gazzang announced ezNcrypt 2.0, its data security platform, now expanded to provide transparent data encryption (TDE) for the entire LAMP stack, including any data, logs or …

Google blacklisted 247 additional DigiNotar certificates?

New versions of Chrome and Firefox have been released today by Google and Mozilla due to the discovery of a rogue Google SSL certificate being abused in the wild. DigiNotar …

Rogue Google SSL certificate allowed MITM Gmail attacks

Recently discovered attempts of an SSL man-in-the-middle attack against Google users – spotted by a number of Iranian Internet users – have revealed that Dutch …

PBConnex: Full-disk encryption with pre-boot networking

WinMagic launched SecureDoc with PBConnex, a full-disk encryption solution with pre-boot networking. PBConnex, an extension to SecureDoc, fully integrates network support …

Researchers identify first flaws in the Advanced Encryption Standard

Researchers have found a weakness in the AES algorithm. They managed to come up with a clever new attack that can recover the secret key four times easier than anticipated by …

New crypto support for mobile payment issuers

Thales announced software for Hardware Security Modules (HSMs) that enables mobile payment issuers to deliver their mobile payment applications to mobile handsets Over-The-Air …

P25 security mitigation guide

In a recent research paper [pdf], we analyzed the security features of the APCO Project 25 (P25) digital two-way radio system. P25 radios are widely deployed in the United …

What really breaks SSL?

After years of being ignored — which is an unusual situation for the protocol that secures the Web — SSL became the focus of the interests of the security …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools