5493 matches found
Moderate: Red Hat Security Advisory: openssl security update
An update for the OpenSSL component for JBoss Enterprise Application Platform 5.2.0 for Solaris and Microsoft Windows that fixes two security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. Comm...
Bitcoin's Wallet Service Instawallet Hacked, suspended indefinitely
The digital currency Bitcoin has suffered yet another hack. Bitcoin wallet site Instawallet has been taken offline after a security compromise, has suspended its service indefinitely. Instawallet didn't say in a notice on its website how many bitcoins were stolen after hackers fraudulently access...
Bitcoin's Wallet Service Instawallet Hacked, suspended indefinitely
The digital currency Bitcoin has suffered yet another hack. Bitcoin wallet site Instawallet has been taken offline after a security compromise, has suspended its service indefinitely. Instawallet didn't say in a notice on its website how many bitcoins were stolen after hackers fraudulently access...
Cisco IOS cryptography vulnerability
Invalid hash algorithm implementation for type 4 passwords...
Attack Exploits Weakness in RC4 Cipher to Decrypt User Sessions
It’s been more than 25 years since Ron Rivest invented his RC4 stream cipher, and after all that time it’s still being used widely, which is something of an achievement in the crypto world. However, for more than 15 years researchers have known about a weakness in RC4 that could enable an attacke...
RedHat Update for openssl RHSA-2013:0587-01
Check for the Version of openssl OpenVAS Vulnerability Test RedHat Update for openssl RHSA-2013:0587-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RSA Conference 2013: Experts Say It's Time to Prepare for a 'Post-Crypto' World
SAN FRANCISCO–In the current climate of continuous attacks and intrusions by APT crews, government-sponsored groups and others organizations, cryptography is becoming less and less important and defenders need to start thinking about new ways to protect data on systems that they assume are...
Phil Zimmermann: 'We Really, Really Don't Have the Keys'
SAN JUAN, Puerto Rico–Phil Zimmermann has seen more changes in the the threat landscape in his career than he may care to remember. The inventor of the PGP encryption software and one of the key movers in the crypto wars of the early 1990s, Zimmermann is back in the game now with a new mobile...
Dotcom Offers €10,000 Reward For Breaking Mega's Crypto
Of all the problems that entrepreneur Kim Dotcom has faced in the last decade, including several arrests, insider trading charges and even a raid on his New Zealand home involving black helicopters and dozens of agents in body armor, the criticism of the cryptography employed by his new Mega...
jbossws: Prone to Bleichenbacher attack against to be distributed symmetric key
A flaw was found in JBoss web services where the services used a weak symmetric encryption protocol, PKCS1 v1.5. An attacker could use this weakness in chosen-ciphertext attacks to recover the symmetric key and conduct further attacks...
Слабая криптография в IP-телефонах Aastra
Configuration file encryption is vulnerable to replay attacks...
python keyring weak cryptography
Insecure cipher initializaton...
Ubuntu Update for python-keyring USN-1634-1
Ubuntu Update for Linux kernel vulnerabilities USN-1634-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16341.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for python-keyring USN-1634-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.n...
Ubuntu: Security Advisory (USN-1634-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 11.10 / 12.04 LTS / 12.10 : python-keyring vulnerabilities (USN-1634-1)
Dwayne Litzenberger discovered that Python Keyring's CryptedFileKeyring file format used weak cryptography. A local attacker may use this issue to brute-force CryptedFileKeyring keyring files. This issue only affected Ubuntu 11.10 and Ubuntu 12.04 LTS. CVE-2012-4571 It was discovered that Python...
USN-1634-1: Python Keyring vulnerabilities
Dwayne Litzenberger discovered that Python Keyring's CryptedFileKeyring file format used weak cryptography. A local attacker may use this issue to brute-force CryptedFileKeyring keyring files. This issue only affected Ubuntu 11.10 and Ubuntu 12.04 LTS. CVE-2012-4571 It was discovered that Python...
Cross-VM Side-channel attacks against cryptography keys
A group of researchers has developed a side-channel attack targeting virtual machines that could pose a threat to cloud computing environments. Side-channel attacks against cryptography keys have, until now, been limited to physical machines, this attack is the first such attack demonstrated on a...
Julian Assange's Book 'Cypherpunks' - Freedom and the Future of the Internet
Julian Assange publish a book based on his interview "Cypherpunks" on "The World Tomorrow", his controversial talk show, with the people he believes know the solution to the problems of privacy and freedom. The book called 'Cypherpunks: Freedom and the Future of the Internet,' was written by...
Adobe Extends Security of Reader and Acrobat With Better Sandbox, Force ASLR
Adobe has upgraded the security capabilities of both Reader and Acrobat with new releases this week, extending the functionality of the sandbox and adding a feature that forces all of the DLLs loaded by the applications to use ASLR, regardless of whether they originally were compiled with ASLR...
SHA-1 Hash Collision Could Be Within Reach of Attackers By 2018
It’s been just a few days since NIST approved Keccak as the winner of the SHA-3 competition, and it likely will be some time before we begin seeing the new hash algorithm popping up in common products and services. However, some in the cryptography community say it may not be a bad idea to start...