LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: February 10th, 2012
Linux Security Week: February 6th, 2012
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Cryptography
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



Trustwave admits issuing 'man-in-the-middle' digital certificate  08 February 2012 
Source: InfoWorld - Posted by Anthony Pell   
Digital Certificate Authority (CA) Trustwave revealed that it has issued a digital certificate that enabled an unnamed private company to spy on SSL-protected connections within its corporate network, an action that prompted the Mozilla community to debate whether the CA's root certificate should be removed from Firefox.
 
DNSCrypt: a tool to encrypt all DNS traffic  08 December 2011 
Source: H Security - Posted by Anthony Pell   
DNS service provider OpenDNS has announced a preview release of a new open source tool to improve internet security: DNSCrypt encrypts all DNS traffic between a user's system and a DNS server. The tool is currently only available for the Mac, with a Windows version promised, and only works with OpenDNS's own DNS service.
 
KPN Stops Issuing SSL Certificates After Possible Breach  07 November 2011 
Source: PC World - Posted by Anthony Pell   
The largest telecommunications company in the Netherlands has stopped issuing SSL (Secure Sockets Layer) certificates after finding indications that the website used for purchasing the certificates may have been hacked.
 
Hackers Release DoS Attack Tool Targeting SSL Servers  26 October 2011 
Source: eWeek - Posted by Dave Wreski   
A hacker group has released a proof-of-concept tool that exploits how encryption keys can be renegotiated to launch a distributed denial of service attack against Secure Sockets Layer servers.
 
XML Encryption Flaw Leaves Web Services Vulnerable  25 October 2011 
Source: Information Week - Posted by Dave Wreski   
Watch your Web Services: the official XML Encryption Syntax and Processing standard can be broken. So say two researchers from Ruhr-University Bochum in Germany, who have demonstrated a practical attack against XML's cipher block chaining (CBC) mode.
 
Gmail Adds Encrypted Search to Foil Snoopers  21 October 2011 
Source: CSO Online - Posted by Dave Wreski   
Google is extending SSL encryption security to search traffic for all logged-in Gmail users, the company has announced. The key phrase here is 'by default' because it has been possible for Google search users to access encrypted search manually since May of last year using the https://encrypted.google.com/ site.
 
The SSL certificate industry can and should be replaced  13 October 2011 
Source: Network World - Posted by Dave Wreski   
The SSL certificate authorities like Comodo that have had their security undermined by hackers shouldn't be trusted, and in fact, the way the entire SSL certificate industry of today works can and should be replaced with something better, says Moxie Marlinspike, a security expert who's come up with a plan he says will do that.
 
Authencity of Web pages comes under attack  28 September 2011 
Source: USA Today - Posted by Alex   
The keepers of the Internet have become acutely concerned about the Web's core trustworthiness. Hackers cracked three companies that work with the most popular Web browsers to ensure the authenticity of Web pages where consumers type in sensitive information, such as account log-ons, credit card numbers and personal data.
 
EFF inspects encryption tool for Adium, Pidgin IM clients  26 September 2011 
Source: Network World - Posted by Dave Wreski   
The digital watchdog Electronic Frontier Foundation (EFF) lent a technical hand to fix security problems in a tool used to encrypt instant messenger conversations using the Adium and Pidgin programs.
 
Beware of BEAST decrypting secret PayPal cookies  21 September 2011 
Source: The Register UK - Posted by Alex   
Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that's passing between a webserver and an end-user browser.
 
<< Start < Prev 1 2 3 Next > End >>

Results 1 - 10 of 996
    
Partner

 

Latest Features
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Using the sec-wall Security Proxy
sec-wall: Open Source Security Proxy
Yesterday's Edition
Hackers Hit Apple Supplier Foxconn, Leak Usernames And Passwords
Hackers Mug Google's Wallet App on Rooted Android Devices
Google Chrome will no longer check for revoked SSL certificates online
Have Your Users' Passwords Already Been Hacked?
DDoS Tools Flourish, Give Attackers Many Options
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2012 Guardian Digital, Inc. All rights reserved.