Cryptography - Page 7Cryptography - Page 7.75 - Results from #135

Discover Cryptography News

Google sticks anti-SQL injection vaccine into MySQL MariaDB fork

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Google is dropping encryption into MariaDB, the fork of Oracle

LinuxSecurity.com Team
Apr 09, 2015

Audit Concludes No Backdoors in TrueCrypt

The results are in from the cryptanalysis phase of the TrueCrypt audit, and they show

LinuxSecurity.com Team
Apr 03, 2015

New Firefox version says

Developers of the Firefox browser have moved one step closer to an Internet that encrypts all the world's traffic with a new feature that can cryptographically protect connections even when servers don't support the HTTPS protocol.

LinuxSecurity.com Team
Apr 02, 2015

Wikipedia Wants a More Secure Web, But It's Not Encrypted By Default

On March 10, Wikipedia took a stand for its users, in particular its anonymous volunteers, and sued the NSA, accusing it of mass surveillance.

LinuxSecurity.com Team
Mar 23, 2015

You need to apply the OpenSSL patches today, not tomorrow

At first glance, you might not think that the latest set of OpenSSL security patches are that important. Sure, there's a dozen of them and two are serious, but are they really that bad? Yes, actually they're not just bad, they're awful.

LinuxSecurity.com Team
Mar 19, 2015

How to Sabotage Encryption Software (And Not Get Caught)

In the field of cryptography, a secretly planted

LinuxSecurity.com Team
Mar 17, 2015

Yahoo puts email encryption plugin source code up for review

Yahoo released the source code for a plugin that will enable end-to-end encryption of email messages, a planned data-security improvement prompted by disclosures of U.S. National Security Agency snooping.

LinuxSecurity.com Team
Mar 16, 2015

New FREAK Attack Threatens Many SSL Clients

For the nth time in the last couple of years, security experts are warning about a new Internet-scale vulnerability, this time in some popular SSL clients. The flaw allows an attacker to force clients to downgrade to weakened ciphers and break their supposedly encrypted communications through a man-in-the-middle attack.

LinuxSecurity.com Team
Mar 04, 2015

Gemalto Confirms It Was Hacked But Insists the NSA Didn

Gemalto, the Dutch maker of billions of mobile phone SIM cards, confirmed this morning that it was the target of attacks in 2010 and 2011

LinuxSecurity.com Team
Feb 27, 2015

Yahoo exec goes mano a mano with NSA director over crypto backdoors

Echoing the concerns many US-based technology companies have about US-led surveillance programs, Yahoo Chief Information Security Officer Alex Stamos asked the director of the National Security Agency some pointed questions concerning proposed or existing backdoors placed in encryption technologies.

LinuxSecurity.com Team
Feb 25, 2015

Lenovo Superfish Certificate Password Cracked

Lenovo laptop owners are at risk for man-in-the-middle attacks as a vulnerability disclosed in pre-installed Superfish adware went nuclear this morning.

LinuxSecurity.com Team
Feb 20, 2015

A Crypto Trick That Makes Software Nearly Impossible to Reverse-Engineer

Software reverse engineering, the art of pulling programs apart to figure out how they work, is what makes it possible for sophisticated hackers to scour code for exploitable bugs. It

LinuxSecurity.com Team
Feb 12, 2015

SSL Is Officially Declared Dead

On January 30, 2015, QSAs received the latest edition of the Council

LinuxSecurity.com Team
Feb 11, 2015

Once-starving GnuPG crypto project gets a windfall. Now comes the hard part

For almost two decades, the open source GnuPG encryption project has teetered on the brink of insolvency. Now, following word of that plight, the lone developer keeping the project alive has received more than $135,000

LinuxSecurity.com Team
Feb 09, 2015

The World

The man who built the free email encryption software used by whistleblower Edward Snowden, as well as hundreds of thousands of journalists, dissidents and security-minded people around the world, is running out of money to keep his project alive.

LinuxSecurity.com Team
Feb 06, 2015

PSA: Your crypto apps are useless unless you check them for backdoors

At the beginning of the year, I did something I've never done before: I made a new year's resolution. From here on out, I pledged, I would install only digitally signed software I could verify hadn't been tampered with by someone sitting between me and the website that made it available for download.

LinuxSecurity.com Team
Feb 05, 2015

Backdoor in a Public RSA Key

Hello, %username%! When I saw how it works, say that I was shocked is to say nothing. It's a pretty simple trick, but after reading this article, you will never look at the RSA as before. This is not a way to hijack RSA, but something that will make your paranoia greatly swell.

LinuxSecurity.com Team
Jan 21, 2015

Is banning encryption a crazy plan or an absolute necessity? The reality is much more complicated

Comments this week by UK prime minister David Cameron have re-ignited the debate about how to weigh individuals' online privacy against the needs of law enforcement to be able to detect and prevent crime.

LinuxSecurity.com Team
Jan 13, 2015

Post-POODLE, OpenSSL shakes off some fleas

OpenSSL has squashed eight low severity vulnerabilities bugs that could result in denial of service or the removal of forward secrecy. The holes, two graded "moderate", were addressed in OpenSSL updates 1.0.0p, 0.98zd, and 1.0.1k.

LinuxSecurity.com Team
Jan 09, 2015

Next gen ransomware: Elliptic cryptic, talks on Tor, demands Bitcoin

Cybercrooks have brewed a strain of ransomware that uses elliptic curve cryptography for file encryption, and Tor for communication. The malware, dubbed OphionLocker, is spreading using a malicious advertising (malvertising) campaign featuring the RIG exploit kit.

LinuxSecurity.com Team
Dec 15, 2014

Cryptography - Page 7.75

Abyss Locker Ransomware Targets Linux & Windows Users

Linux Foundation Joins Post-Quantum Cryptography Alliance

New Decryption Key Available for Babuk Tortilla Ransomware Victims