encryption
Iranian users were the ultimate target in DigiNotar compromise
If you needed a confirmation of Google’s claims that the rogue SSL issued by DigiNotar for *.google.com domains was used mainly to mount man-in-the-middle attacks …
Rogue SSL certs were also issued for CIA, MI6, Mossad
The number of rogue SSL certificates issued by Dutch CA DigiNotar has ballooned from one to a couple dozen to over 250 to 531 in just a few days. As Jacob Appelbaum of the Tor …
Mozilla, Tor Project, Yahoo targeted through DigiNotar attack
Following the admission that the rogue SSL certificate that allowed attackers to impersonate Google was missed by auditors and that several dozen other certificates were …
Cloud security platform for LAMP stack
Gazzang announced ezNcrypt 2.0, its data security platform, now expanded to provide transparent data encryption (TDE) for the entire LAMP stack, including any data, logs or …
Google blacklisted 247 additional DigiNotar certificates?
New versions of Chrome and Firefox have been released today by Google and Mozilla due to the discovery of a rogue Google SSL certificate being abused in the wild. DigiNotar …
Rogue Google SSL certificate allowed MITM Gmail attacks
Recently discovered attempts of an SSL man-in-the-middle attack against Google users – spotted by a number of Iranian Internet users – have revealed that Dutch …
PBConnex: Full-disk encryption with pre-boot networking
WinMagic launched SecureDoc with PBConnex, a full-disk encryption solution with pre-boot networking. PBConnex, an extension to SecureDoc, fully integrates network support …
Researchers identify first flaws in the Advanced Encryption Standard
Researchers have found a weakness in the AES algorithm. They managed to come up with a clever new attack that can recover the secret key four times easier than anticipated by …
New crypto support for mobile payment issuers
Thales announced software for Hardware Security Modules (HSMs) that enables mobile payment issuers to deliver their mobile payment applications to mobile handsets Over-The-Air …
P25 security mitigation guide
In a recent research paper [pdf], we analyzed the security features of the APCO Project 25 (P25) digital two-way radio system. P25 radios are widely deployed in the United …
What really breaks SSL?
After years of being ignored — which is an unusual situation for the protocol that secures the Web — SSL became the focus of the interests of the security …
Granular access to encrypted data in the cloud
Newline Software announced the release of OPTIC, Online Privacy Technology In the Cloud. The solution allows developers to securely query, write, and read encrypted data to …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility