Researchers detail the Blast-RADIUS MD5-based vulnerability affecting RADIUS, a widely used network access authentication protocol first developed in 1991
AWAITING ANALYSIS — This vulnerability is currently awaiting analysis. Microsoft Support : KB5040268: How to manage the Access-Request packets attack vulnerability associated with CVE-2024-3596 Conn...
Researchers detail a MITM attack on SSH that can break the integrity of the protocol, the first “practical attack of its kind”; fixes face compatibility issues
SSH is an internet standard that provides secure access to network services … Connor Jones / The Register : SSH shaken, not stirred by Terrapin vulnerability Terrapin Attack : Terrapin Attack: Breakin...
An investigation shows TrustCor Systems, used by Chrome, Safari, and Firefox as a root certificate authority, has connections to US intel and law enforcement
TrustCor Systems vouches for the legitimacy of websites. But its physical address is a UPS Store in Toronto. Tweets: @shashj , @josephmenn , @jvagle , @matthew_d_green , and @v0max Tweets: Shashank J...
Two weeks ahead of China's 20th communist party congress, censors seem to be blocking TLS-based circumvention tools that locals use to bypass the Great Firewall
TechCrunch :
Russia has created its own trusted TLS certificate authority as sanctions prevent Russian sites from renewing existing TLS certificates
Yeah, RIGHT TechRadar : Russia creates its own TLS certificate authority to bypass sanctions Leigh Mc Gowran / Silicon Republic : Russia issues its own TLS certificates to get past global sanctions Ad...
The UK government hires ad agency M&C Saatchi to run a publicity campaign criticizing Meta's plans to make Messenger end-to-end encrypted by default
only because the UK gov would be happy to let competitors throw Facebook under the bus. But not the long term. Matthew Green / @matthew_d_green : If somehow it looked like we were headed to a world wi...
UK government hires M&C Saatchi ad agency to run a publicity campaign criticizing Meta's plans to make Messenger e2e encrypted by default
The Home Office has hired a high-end ad agency to mobilize public opinion against encrypted communications — with plans that include some shockingly manipulative tactics Tweets: @jamesrbuk , @rupertg ...
How US agencies are preparing for “post-quantum cryptography” against attackers who harvest sensitive data now for decryption in the future
The US government is starting a generation-long battle against the threat next-generation computers pose to encryption. Tweets: @techreview , @techreview , @aarongrunwald , @statecreative74 , @royvanr...
Sources: Facebook has done little to act on the Islamophobic “Love Jihad” conspiracy theory on its platform in India due to “political sensitivities”
In a video posted to Facebook in November 2020, an extremist priest called for Hindus to rise up and begin killing Muslims in India. Tweets: @jason_kint , @damomusings , @verambergen , @skjain_05 , @k...
Experts say FTI's report on the hack of Bezos' phone does not explain why FTI wasn't able to decrypt the malicious file or perform actions like jailbreaking
@billmarczak @ErrataRob @matthew_d_green + more in @CyberScoopNews https://www.cyberscoop.com/... Alex Gantman / @againsthimself : Ok, this report is pretty bad and only serves to lower (if not wholly...