The OpenSSL Project has pushed out new versions of the widely used OpenSSL cryptographic library, which incorporate patches for two distinct security bugs, and an update of the protection against the infamous Logjam vulnerability.
After IOActive researcher Fernando Arnaboldi publicly revealed three crucial vulnerabilities in Drupal's update process last Thursday, the Drupal Security Team published a response on the Drupal Groups page.
Researchers Karthikeyan Bhargavan and Gaëtan Leurent from INRIA, the French national research institute for computer science, have discovered a new class of transcript collision attacks that can be leveraged against (supposedly secure) mainstream protocols such as TLS, IKE, and SSH.
Ivan Ristic is well-known in the information security world, and his name has become almost a synonym for SSL Labs, a project he started in early 2009.
A group of security researchers has recently announced that it's highly likely that effective collision attacks that would break SHA-1 encryption will be revealed by the end of 2015.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.