First Practical SHA-1 Collision Attack Arrives
Researchers unveiled on Thursday the first practical collision attack for the 22-year old cryptographic hash function SHA-1. While long expected, news of the attack, dubbed ‘ SHAttered ,’ should...
View ArticleNetflix Debuts 'Stethoscope' Open-Source Security Tool
Entertainment giant offers open-source app for security. Entertainment giant Netflix has released a new Web application called Stethoscope designed to tackle security issues with mobile and desktop...
View ArticleHealthcare data breaches ‘mostly caused by insiders’
Targeting healthcare organizations remainsabout as easyas shooting fish in a barrel. The industry has one of the lowest rates of data encryption and the security culture is severely lacking. Employee...
View ArticleIs Digital Privacy a Privilege Of The Wealthy?
It’s a chilly spring morning in 1987, and things aren’t going so well for you.The threats and stalking weren’t your fault, but you’re genuinely afraid for your safety and the police couldn’t help...
View ArticleBig Data Needs Big Security. Here’s Why.
In case you thought that big data was no longer a big deal, think again. IDC predicts continued double-digit growth for big data and business analytics through 2020. Why? Because companies are...
View ArticleSteps To Secure Your Website With An SSL Certificate
Is customer data safe on your website? When consumers provide credit card information or personal details, is the link between your site and their device secure ― or open to prying eyes? Providing...
View ArticleLeveraging the Cloud to Achieve Comprehensive Asset Visibility, Tracking and...
T he current IT landscape has fundamentally changed the way that organizations view their security and assess their overall risk posture. Technologies like cloud, DevOps deployments and containers...
View ArticleNo key, no login: G Suite admins can now make FIDO security keys mandatory
Today, Google announceda new G Suite feature that allows admins to lock down accounts so they canonly be accessed by users with a physical USB security key. TheFIDO U2F Security Keys have been...
View Article【技术分享】Cloudflare解析器bug导致内存泄漏事件报告
【技术分享】Cloudflare解析器bug导致内存泄漏事件报告 2017-02-24 18:37:19 来源:cloudflare.com 作者:myswsun 阅读:616次 点赞(0) 收藏 翻译:myswsun 预估稿费:260RMB 投稿方式:发送邮件至linwei#360.cn,或登陆网页版在线投稿 0x00 前言 上星期五,来自谷歌Project Zero组织的Tavis...
View Article伊朗黑客是怎样一种存在?
伊朗黑客是怎样一种存在? 一点号安在2小时前 伊朗是众多阿拉伯兄弟中出类拔萃的强大存在,自2010年“Stuxnet病毒”破坏了伊朗核设施后,该国就一直在建设自己的网络攻击力量,并逐渐发展成为网络空间最具攻击性的国家之一。虽不及以色列的强大攻势,但其在网络战争中的实力还是有目共睹的,下面就梳理一些“战绩”大家自行感受: 2008年入侵土耳其石油管道,引发爆炸;...
View Article盘点RSA 2017大会亮相的30款安全新产品
ZD至顶网安全频道 02月22日 综合消息: 上周大家的目光都聚焦于在加州旧金山举行的RSA 2017大会,众多安全公司为这次活动带来了他们最新最好的解决方案、发布新的功能、平台、以及为未来奠定基础的集成。对于安全行业的很多公司来说,RSA大会提供了一个机会去探索新的战略方向,面向合作伙伴传播新的产品。从机器学习到数据安全,到端点安全再到SIEM,看看今年RSA大会上公布的30款新的安全解决方案。...
View Article巨量演算实现碰撞!Google攻破最重要的加密技术
Google 的安全团队刚刚创造了计算机加密学在 2107 年的第一个里程碑:他们攻破了 SHA-1 安全加密算法。 这是一件相当令人感到激动的事件,原因还要从 SHA-1 到底是个什么东西说起。 SHA-1 是什么? SHA-1(全称 Secure Hash Algorithm-1)是一种安全加密算法,最主要的用途是数字签名。...
View ArticleThe end of SHA-1 on the Public Web
Our deprecation plan for the SHA-1 algorithm in the public Web, first announced in 2015 , is drawing to a close. Today a team of researchers from CWI Amsterdam and Google revealed the first practical...
View ArticleGoogle宣布攻破SHA-1,从此SHA-1不再安全!
SHA-1等加密散列函数可谓加密学家手中的瑞士军刀。无论是浏览器安全保护、代码库管理乃至检测存储介质的重复文件,散列技术都在其中发挥着重要作用。散列函数能够将大量数据压缩为体积更小的消息摘要。作为一项被广泛使用的加密方案,其最基本的要求就是在当前计算能力上无法找到摘要相同的两条消息。然而随着时间的推移,这一要求很可能在 针对散列函数数学基础 的攻击或者计算能力提升等因素的冲击之下不再具有保障。...
View ArticleGoogle Just Cracked the Widely Used SHA1 Function It’s Now Officially Unsafe
The SHA1 (Secure Hash Algorithm 1) cryptographic hash function is used togenerate hashes for verifying the authenticity of thedigital content. Despite a decade of warnings about thelack of security...
View ArticleOn Watering Holes, Trust, Defensible Systems and Data Science Community Security
I’ve been threatening to do a series on “data science community security” for a while and had cause to issue this inaugural post today. It all started with this: Hey #rstats folks: don't do this....
View ArticleWays you can protect yourself on the Internet
Editors note: Guest submission by Anas Baig, a Digital Marketer & Security Enthusiast. Anyone can fall victim to hacking, and this fact is as evident as the shining sun. Every time you go online,...
View Article周鸿yN:网络安全需要有灵感、有天赋的奇才、怪才
周鸿yN:网络安全需要有灵感、有天赋的奇才、怪才 一点号周鸿yN6小时前 php?url=0Fiii4k7Xp" alt="周鸿yN:网络安全需要有灵感、有天赋的奇才、怪才" />在昨天的360SRC(360安全应急响应中心)三周年庆典上,公司来了很多安全圈里的白帽子大神,有的甚至还是大学生。...
View Article密码学大事件!第一例 SHA-1 哈希碰撞实例公布
今日有消息报道荷兰阿姆斯特(CWI)研究所和谷歌研究人员发布了世界上第一例公开的SHA-1哈希碰撞实例。 在现实世界里,哈希碰撞事件也确有发生。如利用 MD5 碰撞伪造合法 CA 证书,进而攻击 HTTPS 安全体系。 消息称,CWI 研究所的 Marc Stevens 是此次攻击的关键人物,2016 年找到了SHA-1算法内部的核心组件 internal compression function...
View Article