RSS Reader for Computer Security Articles
Credit to Author: Kevin Mitnick| Date: Fri, 24 Feb 2017 17:00:29 +0000
Want to become invisible online? Start with your emails. The post Famed Hacker Kevin Mitnick Shows You How to Go Invisible Online appeared first on WIRED.
Read More
Credit to Author: Lucian Constantin| Date: Thu, 23 Feb 2017 14:35:00 -0800
Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm’s use for security-sensitive functions should be discontinued as soon as possible.
SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made.
To read this article in full or to leave a comment, please click here
Credit to Author: Lily Hay Newman| Date: Thu, 23 Feb 2017 13:00:56 +0000
NIST has been warning about vulnerabilities in its SHA-1 cryptographic hash function for years, but some services still use it and the threats are growing. The post A Super-Common Crypto Tool Turns Out to Be Super-Insecure appeared first on WIRED.
Read More
Credit to Author: Lucian Constantin| Date: Wed, 22 Feb 2017 11:09:00 -0800
A new file-encrypting ransomware program for macOS is being distributed through bit torrent websites, and users who fall victim to it won’t be able to recover their files — even if they pay.
Crypto ransomware programs for macOS are rare. This is the second such threat found in the wild so far, and it’s a poorly designed one. The program was named OSX/Filecoder.E by the malware researchers from antivirus vendor ESET who found it.
OSX/Filecoder.E masquerades as a cracking tool for commercial software like Adobe Premiere Pro CC and Microsoft Office for Mac. It is written in Apple’s Swift programming language by what appears to be an inexperienced developer, judging from the many mistakes made in its implementation.
To read this article in full or to leave a comment, please click here
Credit to Author: Lily Hay Newman| Date: Wed, 15 Feb 2017 17:43:57 +0000
An encrypted chat app called Confide has taken over Capitol Hill and the White House, but what will mean for transparency? The post Encryption Apps Help White House Staffers Leak—and Maybe Break the Law appeared first on WIRED.
Read MoreCredit to Author: Andy Greenberg| Date: Tue, 14 Feb 2017 18:55:08 +0000
You’re about to be able to turn on new encrypted calling features. But you may also want to turn off one that could leak your metadata. The post The Best Encrypted Chat App Now Does Video Calls Too appeared first on WIRED.
Read MoreCredit to Author: Andy Greenberg| Date: Tue, 14 Feb 2017 18:55:08 +0000
You’re about to be able to turn on new encrypted calling features. But you may also want to turn off one that could leak your metadata. The post Encryption App Signal Adds Video Calls—And a New Privacy Tradeoff appeared first on WIRED.
Read More
Accenture wants to help businesses use blockchain technologies more securely by locking away the encryption keys they use to sign transactions.
It’s built a system that blockchain developers can use to store credentials in specialized cryptoprocessors called hardware security modules (HSMs).
HSMs are typically used by banks to store the PINs associated with payment cards or the credentials used to make interbank payments over the SWIFT network, and are much more secure than storing the credentials, even in encrypted form, on network-connected servers from where attackers could steal them.
The PINs or credentials never leave the HSMs, and their use within them is strictly controlled.
To read this article in full or to leave a comment, please click here