Hammertoss, a backdoor uncovered by researchers at FireEye, combines many previous communication venues used by APT29, a espionage outfit linked to the Russian government.
Browsing Category: Cryptography
A paper, expected to be presented at USENIX, describes new attacks against RC4 that make plaintext recovery times practical and within reach of hackers.
A high-severity bug in OpenSSL was disclosed today, and it affects only organizations that installed an update released in June, and allows anyone with an untrusted TLS certificate to become a CA.
FBI director James Comey and Deputy Attorney General Sally Yates testified before a Senate committee on how encryption is hampering law enforcement and national security efforts.
Thirteen cryptography leaders and pioneers published a paper warning of the economic and social pitfalls associated with the government’s desire for “exceptional access” to cryptographic keys.
The IETF, in RFC7568, declared SSLv3 “not sufficiently secure” and prohibited its use. SSLv3 fallbacks were to blame for the POODLE and BEAST attacks.
NIST officially has removed the controversial and compromised Dual_EC_DRBG from its list of recommended algorithms for generating random numbers.
Facebook has hired away the top security executive at Yahoo, Alex Stamos, to become the company’s new CSO. Stamos said Wednesday that he is joining Facebook because he believes the company is in the best position to address some of the large security challenges facing users and companies right now. “There is no company in[…]
Researchers at Tel Aviv University have developed a compact, untethered tool capable of extracting GnuPG crypto keys (RSA and ElGamal) from laptops.
Researchers from ERPScan said SAP’s HANA in-memory database contains a default static encryption key.