encryption
Rogue SSL certs were also issued for CIA, MI6, Mossad
The number of rogue SSL certificates issued by Dutch CA DigiNotar has ballooned from one to a couple dozen to over 250 to 531 in just a few days. As Jacob Appelbaum of the Tor …
Mozilla, Tor Project, Yahoo targeted through DigiNotar attack
Following the admission that the rogue SSL certificate that allowed attackers to impersonate Google was missed by auditors and that several dozen other certificates were …
Cloud security platform for LAMP stack
Gazzang announced ezNcrypt 2.0, its data security platform, now expanded to provide transparent data encryption (TDE) for the entire LAMP stack, including any data, logs or …
Google blacklisted 247 additional DigiNotar certificates?
New versions of Chrome and Firefox have been released today by Google and Mozilla due to the discovery of a rogue Google SSL certificate being abused in the wild. DigiNotar …
Rogue Google SSL certificate allowed MITM Gmail attacks
Recently discovered attempts of an SSL man-in-the-middle attack against Google users – spotted by a number of Iranian Internet users – have revealed that Dutch …
PBConnex: Full-disk encryption with pre-boot networking
WinMagic launched SecureDoc with PBConnex, a full-disk encryption solution with pre-boot networking. PBConnex, an extension to SecureDoc, fully integrates network support …
Researchers identify first flaws in the Advanced Encryption Standard
Researchers have found a weakness in the AES algorithm. They managed to come up with a clever new attack that can recover the secret key four times easier than anticipated by …
New crypto support for mobile payment issuers
Thales announced software for Hardware Security Modules (HSMs) that enables mobile payment issuers to deliver their mobile payment applications to mobile handsets Over-The-Air …
P25 security mitigation guide
In a recent research paper [pdf], we analyzed the security features of the APCO Project 25 (P25) digital two-way radio system. P25 radios are widely deployed in the United …
What really breaks SSL?
After years of being ignored — which is an unusual situation for the protocol that secures the Web — SSL became the focus of the interests of the security …
Granular access to encrypted data in the cloud
Newline Software announced the release of OPTIC, Online Privacy Technology In the Cloud. The solution allows developers to securely query, write, and read encrypted data to …
Mac OS X Lion login password easily revealed
Mac OS X stores user login passwords in system memory even if the computer is locked or put into a sleep mode. The vulnerability is present in all modern versions of Mac OS X, …
Featured news
Resources
Don't miss
- Apple offers $2 million for zero-click exploit chains
- Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)
- October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
- From theory to training: Lessons in making NICE usable
- Securing agentic AI with intent-based permissions