JSON libraries using the JWE specification to create, sign and encrypt access tokens have been patched against an attack that allows for the recovery of a private key.
The makers of the popular messaging app Confide said Wednesday it has patched multiple security vulnerabilities that could of allowed hackers to intercept messages sent using its secure end-to-end messaging platform.
FBI Director James Comey revived old rhetoric on strong encryption during a keynote at the Boston Conference on Cyber Security. He did not address the leak of CIA hacking tools or Russia during his talk.
The ramifications of the recent SHA-1 collision attack have extended to Git and the Apache Subversion repository, both of which rely on the outdated and vulnerable hashing algorithm.
Mike Mimoso and Chris Brook recap RSA and discuss the news of the week including the impact of Cloudflare’s “Cloudbleed” bug, Google breaking SHA-1, and more.