Security Alerts & News
by Tymoteusz A. Góral

History
#2033 Google has demonstrated a successful practical attack against SHA1
Cryptographic hash functions like SHA-1 are a cryptographer’s swiss army knife. You’ll find that hashes play a role in browser security, managing code repositories, or even just detecting duplicate files in storage. Hash functions compress large amounts of data into a small message digest. As a cryptographic requirement for wide-spread use, finding two messages that lead to the same digest should be computationally infeasible. Over time however, this requirement can fail due to attacks on the mathematical underpinnings of hash functions or to increases in computational power.

Today, more than 20 years after of SHA-1 was first introduced, we are announcing the first practical technique for generating a collision. This represents the culmination of two years of research that sprung from a collaboration between the CWI Institute in Amsterdam and Google. We’ve summarized how we went about generating a collision below. As a proof of the attack, we are releasing two PDFs that have identical SHA-1 hashes but different content.
Read more
#2033 Google has demonstrated a successful practical attack against SHA1
#2032 State of cyber security 2017 (PDF)
#2031 UK police arrest suspect behind Mirai malware attacks on Deutsche Telekom
#2030 Released Android malware source code used to run a banking botnet
#2029 Eleven-year-old root flaw found and patched in the Linux kernel
#2028 Serious Cloudflare bug exposed a potpourri of secret customer data
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12