U.S. developing Technology to Identify and Track Hackers Worldwide

Without adequate analysis and algorithms, mass surveillance is not the answer to fighting terrorism and tracking suspects. That's what President Obama had learned last year when he signed the USA Freedom Act, which ends the bulk collection of domestic phone data by US Intelligence Agencies. There...

[SECURITY] Fedora 23 Update: openssl-1.0.2h-1.fc23

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

Analyzing TLS Libraries: TLS-Attacker

TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is able to send arbitrary protocol messages in an arbitrary order to the TLS peer, and define their modifications using a provided interface. This gives the developer an opportunity to easily define a custom TLS protocol flow...

Addressing False Positives from CBC and MAC Vulnerability Scans of NetScaler SSHD

BUG0217580 addressed an SSH vulnerability CVE-2008-5161 involving CBC algorithms used in SSH connections CBC Mode Plaintext Recovery Vulnerability. The bug was reported when NetScaler 10.0 was still the newest version as NetScaler shipped with an affected version of OpenSSH. The NetScaler bug fix...

SSH Weak Algorithms Supported

Nessus has detected that the remote SSH server is configured to use the Arcfour stream cipher or no cipher at all. RFC 4253 advises against using Arcfour due to an issue with weak keys. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid90317; scriptversion"1.4";...

botan: multiple issues

CVE-2016-2849 ECDSA side channel: ECDSA and DSA signature algorithms perform a modular inverse on the signature nonce k. The modular inverse algorithm used had input dependent loops, and it is possible a side channel attack could recover sufficient information about the nonce to eventually...

[SECURITY] Fedora 22 Update: openssl-1.0.1k-14.fc22

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

SSH Protocol Algorithms Supported

This script detects which algorithms are supported by the remote SSH service. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 23 Update: openssl-1.0.2g-2.fc23

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

OpenSSL also new vulnerabilities, more than 1 1 0 0 million https sites affected-vulnerability warning-the black bar safety net

It is understood that recently the researchers in OpenSSL, discovered a new security vulnerability, this vulnerability will be on SSL Secure Socket Layer Security Protocol to generate a huge impact, and attacker may also favor this vulnerability to modern Web sites for attack. Affects more than 1...

Machine Learning Linux IPS: Stratosphere

This is the linux version of the Stratosphere IPS, a behavioral-based intrusion detection and prevention system that uses machine learning algorithms to detect malicious behaviors. It is part of a larger suite of programs that include the Stratosphere Windows IPS and the Stratosphere Testing...

CVE-2015-5012

The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via...

[SECURITY] Fedora 23 Update: openssl-1.0.2f-1.fc23

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

Dnstwist - Domain Name Permutation Engine For Detecting Typo Squatting, Phishing And Corporate Espionage

See what sort of trouble users can get in trying to type your domain name. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud and corporate espionage. Useful as an additional source of targeted threat intelligence. The idea is...

RHEL 6 / 7 : gnutls (RHSA-2016:0012) (SLOTH)

Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

CentOS Update for gnutls CESA-2016:0012 centos7

Check the version of gnutls SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882357";...

gnutls security update

CentOS Errata and Security Advisory CESA-2016:0012 Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

Mozilla Warns of SHA-1 Deprecation Side Effects

As promised, Mozilla officially began rejecting new SHA-1 certificates as of the first of the year. And as promised, there have been some usability issues. Mozilla yesterday said that some security scanners and antivirus products are keeping some from reaching HTTPS websites. “When a user tries t...

SLOTH Collisions Attacks Against SHA-1, MD5 in TLS, IKE, SSH

If you’re hanging on to the theory that collision attacks against SHA-1 and MD5 aren’t yet practical, two researchers from INRIA, the French Institute for Research in Computer Science and Automation, have demonstrated new attacks that raise the urgency to move away from these broken cryptographic...

[SECURITY] Fedora 22 Update: bouncycastle-1.50-8.fc22

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. The package is organized so that it contains a light-weight API suitable for use in any environment including the newly released J2ME with the additional infrastructure to conform the algorithms to the JCE...