encryption

Pierluigi Paganini October 21, 2015
Businesses Using Millions of insecure SHA-1 Certificates

Experts at Netcraft discovered that nearly a million SSL SHA-1 certificates were signed with the potentially vulnerable SHA-1 hashing algorithm. Businesses Using Millions of Flawed Certificates, the news is shocking and refers the adoption of SHA-1 certificates, despite the algorithm is considered no more secure. Many big businesses, including firms like Deloitte, are still using SHA-1 certificates, […]

Pierluigi Paganini October 17, 2015
NSA broke trillions of encrypted connections due to a flaw

A flaw affecting the way encryption software implements the Diffie-Hellman key exchange algorithm allowed the NSA to break trillions of encrypted connections. Edward Snowden has revealed to the world that the NSA was able to crack also the almost encryption to conduct a large-scale online surveillance. According to Snowden, the intelligence Agency was able to decrypt […]

Pierluigi Paganini October 15, 2015
5 Guidelines in Battling Cyber Criminals Over Precious Business Data

5 Guidelines in Battling Cyber Criminals Over Precious Business Data, lets’s try to understand how to Ensure Enterprise Security. You would think that a company that stores their clients’ money and handles investments would have tight security measures on their system against cyber attacks. Apparently, this is not always the case. In 2014, Scottrade, a […]

Pierluigi Paganini October 10, 2015
Cost of Breaking SHA-1 decreases due to a new Collision Attack

A group of researchers has demonstrated that the cost of breaking the SHA-1 hash algorithm is lower than previously estimated. The SHA-1 is still one of the most used cryptographic hash algorithm, but bad news for its supporters, a New Collision Attack Lowers Cost of Breaking it. The news is worrying, the cost and time […]

Pierluigi Paganini September 30, 2015
Are you still using TrueCrypt? Beware of these 2 critical flaws!

The popular security expert James Forshaw has discovered two critical flaws in the driver that TrueCrypt installs on Windows systems. Bad news for Windows users who have decided to use TrueCrypt to encrypt their hard drives, the researcher James Forshaw, a member of Google’s Project Zero team, has discovered two serious vulnerabilities affecting the popular […]

Pierluigi Paganini September 25, 2015
The US military is still sending un-encrypted emails

The MotherBoard news website recently published an interesting analysis on how the US Military Fails to Protect its Soldiers’ Emails, how is it possible? After the Edward Snowden case blown up in the US Government face, the US decided to create a task force to encrypt all that can, urging the adoption of HTTPS for […]

Pierluigi Paganini September 23, 2015
National Encryption Policy draft, everyone is under strict surveillance

The Indian Government plans to release the new National Encryption Policy, a law that seems to be one of the big threat to the Internet freedom. A new problem is worrying the Indian friends, the Government plans to release a new policy, National Encryption Policy’ that seems to presage disappointments for users. Among ugly and questionable issues […]

Pierluigi Paganini September 09, 2015
Many HTTPs sites at risk of revealing their private keys because of a critical bug

A number of recent discoveries suggest as more HTTPs websites, chat applicationss, and other services online are actualizing perfect forward secrecy. As per a Red Hat (a Linux distributor) security specialist, system equipment sold by few makers neglected to appropriately execute a broadly utilized cryptographic standard, an information releasing weakness that can permit spammers to […]

Pierluigi Paganini August 14, 2015
OpenSSH 7.0 Fixes Four Flaws and other issues

A new version of OpenSSH is available, the new release of OpenSSH 7.0 fixes four security flaws and several other bugs. Update it! A new version of OpenSSH is available, the new release of OpenSSH 7.0 fixes four security flaws and several other bugs. Then new OpenSSH 7.0 fixes a use-after-free vulnerability and three other […]

Pierluigi Paganini July 16, 2015
The newest RC4 attack is a nightmare for certain HTTPS implementations

The newest RC4 attack is a nightmare for certain HTTPS implementations, almost a third of the world’s encrypted Web connections can be cracked. We have written several times about RC4 encryption that has been accused of being a Cryptographic disaster, now two Belgian security researchers from the University of Leuven did another discovery that highlights […]