Under Armour is getting kudos for disclosing breach within weeks, but concerns remain over an unknown portion of credentials reportedly stored using the weak SHA-1 hashing function.

RC4 apparently is no longer the lone pariah among smaller cryptographic ciphers. Already broken and set for deprecation by the major browser and technology makers, RC4 could shortly have company in Triple-DES (3DES) and Blowfish. Researchers are set to present new attacks against 64-bit ciphers that allow for the recovery of authentication cookies from 3DES-protected...