Security researchers have developed a password storage system that uses inexpensive hardware to prevent the cracking of passwords—even the most common and weak ones such as "123456," "password," and... read more
Featured Slideshow
SSL
Gameover trojan hides in SSL
Submitted by l33tdawg on Mon, 2013-10-07 23:29
Saboteurs spreading the Gameover banking trojan are using an encrypted secure sockets layer connection to remain undetected and have infected at least a quarter of a million machines.
Researchers at Dell SecureWorks Counter Threat Unit (CTU) detailed attackers' latest schemes to spread the financial malware in a blog post published last Friday.
- Read more about Gameover trojan hides in SSL
- Log in or register to post comments
- 943 reads
Researchers devise new attack techniques against SSL
Submitted by l33tdawg on Wed, 2013-02-06 06:31
The developers of many SSL libraries are releasing patches for a vulnerability that could potentially be exploited to recover plaintext information, such as browser authentication cookies, from encrypted communications.
The patching effort follows the discovery of new ways to attack SSL, TLS and DTLS implementations that use cipher-block-chaining (CBC) mode encryption. The new attack methods were developed by researchers Nadhem J. AlFardan and Kenneth G. Paterson at the University of London's Royal Holloway College.
- Read more about Researchers devise new attack techniques against SSL
- Log in or register to post comments
- 1425 reads
Google calls for a more secure web & expands SSL encryption to local domains
Submitted by l33tdawg on Tue, 2012-03-06 01:15
Last year, Google introduced SSL (Secure Sockets Layer) encryption to searches made through Google.com. Now, the effort to strengthen user privacy through encrypted search queries is becoming global, and Google hopes this will “motivate other companies to adopt SSL more broadly.”
Note that countless users have their own concerns with Google and how it handles user data. SSL obviously can’t solve issues of trust, and that’s a separate issue. As far as keeping users safe from outside threats, this is a solid move. The announcement, from Google Software Engineer, Michael Safyan:
- Read more about Google calls for a more secure web & expands SSL encryption to local domains
- Log in or register to post comments
- 916 reads
SSL fix aims to mend huge cracks in Net's foundation of trust
Submitted by l33tdawg on Mon, 2012-02-27 00:52
Open-source software developer Kai Engert has proposed an overhaul to the Internet's SSL authentication system, aiming to minimize the damage that would result from the compromise of one of the authorities trusted by major browsers.
- Read more about SSL fix aims to mend huge cracks in Net's foundation of trust
- Log in or register to post comments
- 1179 reads
Mozilla will ask all certificate authorities to revoke SSL-spying certificates
Submitted by l33tdawg on Wed, 2012-02-15 09:46
Mozilla plans to ask all certificate authorities to review their subordinate CA certificates and revoke those that could be used by companies to inspect SSL (Secure Sockets Layer)-encrypted traffic for domain names they don't control.
- Read more about Mozilla will ask all certificate authorities to revoke SSL-spying certificates
- Log in or register to post comments
- 1659 reads