Mountain View, Calif.-based Verisign, a managed security service provider, said that it has immediately discontinued the flawed MD5 cryptographic function used for digital signatures, while offering a ...

Microsoft released two optional security updates Tuesday to block digital certificates that use the MD5 hashing algorithm and to improve the network-level authentication for the Remote Desktop ...

In reaction to the news today that security researchers have come up with a way to spoof the digital certificates that secure many Web sites, Microsoft Corp. downplayed the threat to users. In a ...

Mozilla also acknowledged the MD5 algorithm could be hacked and phony digital certificates created as a result, but said it hadn't seen any evidence of actual attacks In reaction to the news today ...

Following the success of researchers last week in creating a false SSL certificate based on VeriSign’s RapidSSL brand, the company is scrambling to explain how it happened, how it’s preventing it from ...

The good news is that most CA’s now use SHA-1 as their hash algorithm, but there are still a few CA’s that use MD5. The researchers constructed the attack “using … a cluster of more than 200 ...

A design flaw in the decades-old RADIUS authentication protocol allows attackers to take over network devices from a man-in-the-middle position by exploiting MD5 hash collisions. The “secure enough” ...

After so many high-profile data breaches, it’s time developers learned that storing passwords is a really bad idea. And there is a perfectly workable alternative. Last week, I went to a project ...