Google Announces SHA-1 Deprecation Timeline
Despite recently public concerns over the sunsetting of SHA-1, Google announced it will block new SHA-1 certs in Chrome as of Jan. 1, and all SHA-1 certs possibly by July 1, 2016.
collision attack
Practical SHA-1 Collision Months, Not Years, Away
New research into attacks against the SHA-1 cryptographic algorithm lessen the cost and time to arrive at a practical collision.
Last.fm, Mum On Breach, Adopts ‘More Rigorous’ Password Security
Last.fm, the online music streaming service, said it has implemented ‘more rigorous’ security for customer account passwords in the wake of reports that some of those passwords had been leaked online.
The U.S. Department of Homeland Security is warning IT administrators and operators of industry control systems about the danger posed by the Flame (aka sKyWIper) malware after Microsoft acknowledged that the malware is able to spoof its Windows Update service to push malicious code onto vulnerable systems.
Editor's Picks
-
Victims Lose Access to Thousands of Photos as Instagram Hack Spreads
-
Researchers Break IPsec VPN Connections with 20-Year-Old Protocol Flaw
-
ThreatList: Almost All Security Pros Believe Election Systems Are at Risk
-
New Variant of KeyPass Ransomware Discovered
-
Podcast: enSilo CEO on Black Hat USA 2018 Top Trends