The password protecting one of the two Juniper backdoors was published after it was discovered by researchers at Fox-IT and Rapid7.
Tag Archives: Cryptography
Google Search Rankings Prefer HTTPS by Default
Google announce it would, by default, begin giving HTTPS preference in search engine rankings.
Threatpost News Wrap, October 30, 2015
Mike Mimoso and Chris Brook discuss the news of the week: The latest Xen vulnerability, CISA passing the Senate, a researcher challenging that Weak DH paper, and more.
NSA’s Divorce from ECC Causing Crypto Hand-Wringing
The NSA is moving away from Elliptic Curve Cryptography, and cryptographers aren’t buying their reasoning that advances in post quantum computing put ECC in jeopardy.
Novel NTP Attacks Roll Back Time
Researchers at Boston University have published new attacks against the Network Time Protocol (NTP) that jeopardize the security of numerous online activities.
Let’s Encrypt Hits Another Free HTTPS Milestone
Let’s Encrypt hit a milestone last night when it received the cross-signatures necessary to render its beta-and free-certificates trusted by all browsers.
Microsoft Releases Six Bulletins, Continues RC4 Deprecation
Microsoft released six security bulletins today, and continued its deprecation of the weak RC4 encryption algorithm across Windows systems.
Threatpost News Wrap, October 12, 2015
Mike Mimoso and Chris Brook discuss the week in news–including how researchers disrupted a campaign using the Angler Exploit Kit, how a researcher was forced to pull a talk from a conference, and how a practical SHA-1 collision could be months away, not years.
Google Details Plans to Disable SSLv3 and RC4
As expected, Google formally announced its intent to move away from the stream cipher RC4 and the protocol SSLv3 this week, citing a long history of weaknesses in both.
D-Link Accidentally Leaks Private Code-Signing Keys
Private keys used to sign D-Link software were included in open-source firmware published by the company.