57 matches found
Weak Cryptography
railties has a weak cryptography scheme for secrets. It uses an unauthenticated CBC mode with a constant IV...
OPENSUSE-SU-2017:0034-1 Security update for kopete
This update for kopete fixes the following issues: - fix encrypting OTR messages after closing and re-opening kopete boo1016982, kde362535...
VeraCrypt Audit Reveals Critical Security Flaws — Update Now
After TrueCrypt mysteriously discontinued its service, VeraCrypt became the most popular open source disk encryption software used by activists, journalists, as well as privacy conscious people. First of all, there is no such thing as a perfect, bug-free software. Even the most rigorously tested...
Searching for Best Encryption Tools? Hackers are Spreading Malware Through Fake Software
Over the past few years, Internet users globally have grown increasingly aware of online privacy and security issues due to mass monitoring and surveillance by government agencies, making them adopt encryption software and services. But it turns out that hackers are taking advantage of this...
In-Brief: Telegram Vulnerability, Malware in Nuclear Plant, Anti-Tor Malware and Hotpatching Exploit
Clickjacking Vulnerability in Telegram Web Client The official Telegram web-client that allows its users to access messenger account over desktop’s web browser is vulnerable to clickjacking web application vulnerability. Egyptian security researcher Mohamed A. Baset told The Hacker News about a...
German Government Audits TrueCrypt
TrueCrypt continues to fascinate even though it hasn’t been updated in more than a year and has been cleared of backdoors in more than one extensive audit. The German government’s Federal Office for Information Security BSI is the latest to inspect and analyze the security of the abandoned open...
LibreSSL memory leak vulnerability-vulnerability warning-the black bar safety net
Affected system: LibreSSL LibreSSL 2.0.0 - 2.3.0 Description: -------------------------------------------------------------------------------- CVECAN ID: CVE-2 0 1 5-5 3 3 3 LibreSSL is OpenSSL encryption software library a branch, is the Secure Sockets LayerSSLand Transport Layer...
Not found the rear door: open source encryption software TrueCrypt security audit-vulnerability warning-the black bar safety net
TrueCrypt is a popular open source file encryption software, which the user includes a large number of“sensitive persons”, such as businessmen, politicians, journalists, and therefore its safety has been well received by the attention. 2 0 1 4 年 5 months, the open source encryption software...
TrueCrypt Audit Cryptanalysis Finds No Backdoors
The results are in from the cryptanalysis phase of the TrueCrypt audit, and they show—nothing. Well, maybe not “nothing,” but certainly no signs of a deliberate backdoor from the NSA or any government entity, fears of which date back to the autumn of 2013, post-Snowden, and ignited talk to have t...
OpenSSL Releases Patch for POODLE Attack
The OpenSSL Project has released a new version of the encryption software, which patches several security flaws, including the bug that is exploited by the POODLE attack on SSLv3. The updated versions of OpenSSL come just a couple of days after a trio of researchers at Google revealed the POODLE...
New Initiative Simply Secure Aims to Make Security Tools Easier to Use
The dramatic revelations of large-scale government surveillance and deep penetration of the Internet by intelligence services and other adversaries have increased the interest of the general public in tools such as encryption software, anonymity services and others that previously were mainly of...
Possible TrueCrypt Fork in the Works
Although the developers behind the TrueCrypt encryption software have given up the ghost and decided to no longer maintain the application, interest in the project has never been higher. But, one of the developers says that a nascent effort to fork TrueCrypt is unlikely to succeed. Matthew Green,...
Audit Project Released Verified Repositories of TrueCrypt 7.1a
As the uncertainty surrounding the end of TrueCrypt continues, members of the security community are working to preserve a known-good archive of the last version of the open source encryption software released before the developers inserted a warning about potential unfixed bugs in the software a...
Popular Encryption Software TrueCrypt Shuts Down Mysteriously
TrueCrypt, the popular and reputed open source file and disk encryption Software for Windows, OSX and Linux, has abruptly closed down Wednesday recommending its users to use Microsoft's Bitlocker. TrueCrypt is a free, open-source and cross-platform encryption program, thereby one of the world's...
TrueCrypt Warns Software 'Not Secure,' Development Shut Down
Is it a hoax, or the end of the line for TrueCrypt? At the moment, there is little more than speculation as to the appearance today of an ominous note greeting visitors to the TrueCrypt page at SourceForge. The text warns that the open source encryption software is not secure and informs users th...
Terrorist Group Al-Qaeda Uses New Encryption Softwares After NSA Revelations
Last year, Just after Snowden leaks, the U.S Government warned that NSA surveillance revelations will make harder to track bad guys trying to harm the United States, as disclosures can be helpful to terrorist groups. In response to the NSA revelations, the terrorists at Al-Qaeda have started usin...
Cryptanalysis Remains for TrueCrypt Audit
Phase two of the TrueCrypt audit figures to be a labor-intensive, largely manual cryptanalysis, according to the two experts behind the Open Crypto Audit Project OCAP. Matthew Green, crypto expert and professor at Johns Hopkins University, said a small team of experts will have to, by hand, exami...
First Phase of TrueCrypt Audit Turns Up No Backdoors
A initial audit of the popular open source encryption software TrueCrypt turned up fewer than a dozen vulnerabilities, none of which so far point toward a backdoor surreptitiously inserted into the codebase. A report on the first phase of the audit was released today by iSEC Partners, which was...
RSA Conference 2014 Art Coviello RSA keynote
SAN FRANCISCO – RSA Security executive chairman Art Coviello today at RSA Conference 2014 made his first public comments about the security company’s relationship with the National Security Agency, painting the landmark firm as a victim of the spy agency’s blurring of the lines between its...
Anonymity Tool Tor gains more than 1.2 Million new users since NSA PRISM scandal
Since Snowden came forward with details about the NSA's PRISM program in June, web users concerned about online privacy are increasingly turning toward privacy tools to protect their online data. U.S. Government project PRISM allows the government to tap phone calls, email, and web browsing of an...