Cryptography - Page 10 - Results from #180

Discover Cryptography News

Encrypted Web traffic can reveal highly sensitive information

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Analyzing encrypted Web traffic can potentially reveal highly sensitive information such as medical conditions and sexual orientation, according to a research paper that forecasts how privacy on the Internet may erode.

LinuxSecurity.com Team
Jun 24, 2014

OpenSSL Patches 7 Security Flaws

If there is any good news from the discovery of the Heartbleed bug that affects OpenSSL, it

LinuxSecurity.com Team
Jun 20, 2014

Possible TrueCrypt Fork in the Works

Although the developers behind the TrueCrypt encryption software have given up the ghost and decided to no longer maintain the application, interest in the project has never been higher. But, one of the developers says that a nascent effort to fork TrueCrypt is unlikely to succeed.

LinuxSecurity.com Team
Jun 19, 2014

Dyreza Banker Trojan Seen Bypassing SSL

Banker Trojans have proven to be reliable and effective tools for attackers interested in quietly stealing large amounts of money from unwitting victims. Zeus, Carberp and many others have made piles of money for their creators and the attackers who use them, and researchers have been looking at a newer banker Trojan that has the ability to bypass SSL protection for banking sessions by redirecting traffic through the attackers

LinuxSecurity.com Team
Jun 18, 2014

Google debuts PGP email encryption plugin for Chrome

Google has released the alpha version of a new Chrome browser extension called End-To-End that allows users to encrypt, decrypt, digitally sign, and verify signed emails all within the browser.

LinuxSecurity.com Team
Jun 05, 2014

How to throw a CryptoParty like Edward Snowden

Six months before the entire world knew his name, Edward Snowden threw a CryptoParty in Hawaii with privacy researcher Runa Sandvik in an effort to teach locals how to protect their online privacy from threats as big as the National Security Agency or Google. Twenty Hawaiians attended the workshop taught by Sandvik and Snowden, who later called the event a

LinuxSecurity.com Team
Jun 05, 2014

Google, in promoting encryption, calls out Microsoft and Comcast

Encryption is like a relationship -- both parties need to be on the same page for it to work. And Microsoft and Comcast are apparently not on Google's page.

LinuxSecurity.com Team
Jun 04, 2014

In baffling move, TrueCrypt open-source crypto project shuts down

In a move that appears designed to provoke widespread questions, the anonymous managers of the TrueCrypt open-source encryption project abruptly pulled the plug on the effort without explanation.

LinuxSecurity.com Team
Jun 02, 2014

GnuTLS bug exposes Linux clients to server attacks

The maintainers of GnuTLS, a secure communications library used in Red Hat, Ubuntu other Linux distributions, have released fixes for a critical bug affecting the client-side of the software.

LinuxSecurity.com Team
Jun 02, 2014

SanDisk ships its first self-encrypting SSDs

SanDisk today released its first self-encrypting SSDs, a line of drives aimed at enterprises. SanDisk's new X300s SSD uses both the Trusted Computing Group's Opal 2.0 specification and Microsoft Encrypted Hard Drive hardware-based encryption to protect data on the drive.

LinuxSecurity.com Team
May 14, 2014

Fake Digital Certificates Found in the Wild While Observing Facebook SSL Connections

Visiting a website certified with an SSL certificate doesn't mean that the website is not bogus. Secure Sockets Layer (SSL) protect the web users in two ways, it uses public key encryption to encrypt sensitive information between a user's computer and a website, such as usernames, passwords, or credit card numbers and also verify the identity of websites.

LinuxSecurity.com Team
May 13, 2014

Internet Subversion

In addition to turning the Internet into a worldwide surveillance platform, the NSA has surreptitiously weakened the products, protocols, and standards we all use to protect ourselves. By doing so, it has destroyed the trust that underlies the Internet. We need that trust back.

LinuxSecurity.com Team
May 12, 2014

TLS 1.3 Working Group Has Consensus to Deprectate RSA Key Transport

The IETF working group responsible for the TLS 1.3 standard is closing in on a decision to remove RSA key transport cipher suites from the protocol.

LinuxSecurity.com Team
May 09, 2014

Heartbleed was a headache, but far from fatal

It's been a month since the Heartbleed Bug set off a stampede to patch software in everything from network gear to security software as it quickly became evident that vulnerable versions of the OpenSSL encryption code had been very widely deployed.

LinuxSecurity.com Team
May 09, 2014

11 reasons encryption is (almost) dead

Everyone who has studied mathematics at the movie theater knows that encryption is pretty boss. Practically every spy in every spy movie looks at an encrypted file with fear and dread. Armies of ninjas can be fought. Bombs can be defused. Missiles can be diverted.

LinuxSecurity.com Team
May 05, 2014

Heartbleed postmortem: OpenSSL's license discouraged scrutiny

Weeks after the OpenSSL debacle, the question still stands: Why did so few people show up to work on such widely-used and important code? Since the problem arose, funds have flowed in to fix it at the behest of corporate giants, but before the crises, few volunteers participated. One leading open source expert has suggested a reason: licensing.

LinuxSecurity.com Team
May 02, 2014

Hacker claim about bug in post-Heartbleed OpenSSL encryption likely a scam

Security experts have expressed doubts about a hacker claim that there

LinuxSecurity.com Team
Apr 28, 2014

Targeted Attack Uses Heartbleed to Hijack VPN Sessions

A targeted attack against an unnamed organization exploited the Heartbleed OpenSSL vulnerability to hijack web sessions conducted over a virtual private network connection.

LinuxSecurity.com Team
Apr 22, 2014

Fixing OpenSSL's Heartbleed flaw will take MONTHS, warns Secunia

Expunging the Heartbleed bug from vulnerable computers and gadgets is likely to take months, according to a leading vuln research firm. The cautionary assessment by Secunia comes as more and more products are judged to be vulnerable to the infamous OpenSSL security flaw.

LinuxSecurity.com Team
Apr 22, 2014

Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker

Twee UK parenting website Mumsnet is the second high-profile organisation to claim it has fallen victim to the infamous Heartbleed OpenSSL vulnerability.

LinuxSecurity.com Team
Apr 15, 2014

Linux Cryptography

Abyss Locker Ransomware Targets Linux & Windows Users

Linux Foundation Joins Post-Quantum Cryptography Alliance

New Decryption Key Available for Babuk Tortilla Ransomware Victims