Security Alerts & News
by Tymoteusz A. Góral

#1820 Google using Project Wycheproof to scan crypto software for security holes
The Google Security Team has a new set of security tests to check cryptographic software libraries for known weaknesses. The company has already used Project Wycheproof to create more than 80 test cases that have so far uncovered more than 40 security bugs.

The project is developed and maintained by members of the Google Security Team, but isn’t an official Google product. It’s named after Mount Wycheproof, the smallest mountain in the world.

“The main motivation for the project is to have a goal that is achievable,” Google security engineers Daniel Bleichenbacher and Thai Duong wrote in the company’s security blog. “The smaller the mountain the more likely it is to be able to climb it!”

Security holes already uncovered using Project Wycheproof include the ability to recover the private key of widely used DSA and ECDHC implementations. As part of the project, the team provides “ready-to-use” tools to check Java Cryptography Architecture providers such as Bouncy Castle and the default providers in OpenJDK.
Read more
#1824 Census outage marked boom year for global DDoS attacks
#1823 Strong protection for MacOS Sierra: 12 packages put to the test
#1822 Cyber criminal jailed for five years for his part in £840k fraud
#1821 Op-ed: Why I’m not giving up on PGP
#1820 Google using Project Wycheproof to scan crypto software for security holes
#1819 Cyberattack suspected in Ukraine power outage
#1818 Protect your PC from ransomware with RansomFree
#1817 The many evolutions of Locky
#1816 Report: $3-5M in ad fraud daily from Methbot
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12