Apple today removed a number apps from the App Store accused of installing root certificates that compromised SSL/TLS connections.
Browsing Category: Cryptography
New research into attacks against the SHA-1 cryptographic algorithm lessen the cost and time to arrive at a practical collision.
Google announced that it has made HTTPS available as an opt-in for its Blogspot blog-publishing service.
Two privilege escalation vulnerabilities in the last TrueCrypt build were discovered by James Forshaw of Google Project Zero, and patched in VeraCrypt.
Microsoft revoked the four digital certificates inadvertently leaked last week by networking gear manufacturer D-Link.
As expected, Google formally announced its intent to move away from the stream cipher RC4 and the protocol SSLv3 this week, citing a long history of weaknesses in both.
Private keys used to sign D-Link software were included in open-source firmware published by the company.
Let’s Encrypt hit a major milestone today when its first free and automated cert went live.
Researchers with a DARPA-led team are looking into new ways to combat reverse engineering by using obfuscation to tidy up shoddy commercial and government security.
A San Diego-based password cracking group has taken a big step towards deciphering some of the 36 million odd passwords leaked in last month’s Ashley Madison breach