Security Alerts & News
by Tymoteusz A. Góral

History
#1743 It’s the final countdown for SHA1 SSL certificates
We’re in the final days of what are loosely known as SHA-1 SSL certificates. In certificates of this sort, the cryptographic hash or “message digest” that is used as a digital fingerprint is caclulated, as the name suggests, using the SHA-1 algorithm.

To be a cryptographic hash, rather than just a plain old checksum, an algorithm needs to create a fingerprint that is genuinely hard to forge. In other words, if I take a message M and create a digital fingerprint by calculating f(M) = X, you shouldn’t be able to go backwards from X and figure out anything about M.

You shouldn’t be able to come up with a message of your own, N say, such that f(N) is also X. And you shouldn’t be able to come up with two different messages that have the same fingerprint, where f(A)= f(B) but A is not equal to B.

Unless these conditions are met, the hashing function f() simply isn’t safe enough to use as any sort of digital fingerprint and therefore has no place in cryptography.
Read more
#1744 ImageGate - malware in image and graphic files (VIDEO)
#1743 It’s the final countdown for SHA1 SSL certificates
#1742 Research on unsecured WiFi networks across the world
#1741 This cheap and nasty ransomware will try to encrypt files across your network and removable drives
#1740 New decryption tool for Crysis ransomware
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12