encryption
OpenSSH 5.9 released
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. It encrypts all traffic (including passwords) to …
Iranian users were the ultimate target in DigiNotar compromise
If you needed a confirmation of Google’s claims that the rogue SSL issued by DigiNotar for *.google.com domains was used mainly to mount man-in-the-middle attacks …
Rogue SSL certs were also issued for CIA, MI6, Mossad
The number of rogue SSL certificates issued by Dutch CA DigiNotar has ballooned from one to a couple dozen to over 250 to 531 in just a few days. As Jacob Appelbaum of the Tor …
Mozilla, Tor Project, Yahoo targeted through DigiNotar attack
Following the admission that the rogue SSL certificate that allowed attackers to impersonate Google was missed by auditors and that several dozen other certificates were …
Cloud security platform for LAMP stack
Gazzang announced ezNcrypt 2.0, its data security platform, now expanded to provide transparent data encryption (TDE) for the entire LAMP stack, including any data, logs or …
Google blacklisted 247 additional DigiNotar certificates?
New versions of Chrome and Firefox have been released today by Google and Mozilla due to the discovery of a rogue Google SSL certificate being abused in the wild. DigiNotar …
Rogue Google SSL certificate allowed MITM Gmail attacks
Recently discovered attempts of an SSL man-in-the-middle attack against Google users – spotted by a number of Iranian Internet users – have revealed that Dutch …
PBConnex: Full-disk encryption with pre-boot networking
WinMagic launched SecureDoc with PBConnex, a full-disk encryption solution with pre-boot networking. PBConnex, an extension to SecureDoc, fully integrates network support …
Researchers identify first flaws in the Advanced Encryption Standard
Researchers have found a weakness in the AES algorithm. They managed to come up with a clever new attack that can recover the secret key four times easier than anticipated by …
New crypto support for mobile payment issuers
Thales announced software for Hardware Security Modules (HSMs) that enables mobile payment issuers to deliver their mobile payment applications to mobile handsets Over-The-Air …
P25 security mitigation guide
In a recent research paper [pdf], we analyzed the security features of the APCO Project 25 (P25) digital two-way radio system. P25 radios are widely deployed in the United …
What really breaks SSL?
After years of being ignored — which is an unusual situation for the protocol that secures the Web — SSL became the focus of the interests of the security …