The ramifications of the recent SHA-1 collision attack have extended to Git and the Apache Subversion repository, both of which rely on the outdated and vulnerable hashing algorithm.
Browsing Category: Web Security
Google’s security researchers disclosed details of an unpatched Microsoft vulnerability in its Edge and Internet Explorer browsers.
Researchers say Necurs malware has been updated with a module that adds SOCKS/HTTP proxy and DDOS capabilities to this malware.
Researchers from Arbor Networks’ Security Engineering and Response Team (ASERT) say they have unearthed fresh leads on the tools and techniques used in the most recent wave of Shamoon attacks.
By making the Vulnerability Equities Process law, advocates of the idea argue there would be more reliability, transparency and accountability in the process of government vulnerability disclosure.
Microsoft’s delayed release of its February security bulletins leaves users exposed to a pair of already publicly disclosed vulnerabilities.
New file-sharing protocols and interfaces called Upspin have been released to open source. Built by Google, Upspin returns access control and data security to the user.
The way Firefox caches intermediate CA certificates could allow for the fingerprinting of users and the leakage of browsing details, a researcher warns.
US-CERT issues alert to server admins warning of a dangerous OpenSSL vulnerability and urges 1.1.0 users update to version 1.1.0e.
SMTP Strict Transport Security is coming to major webmail providers this year, a Google engineer said at RSA Conference