Mountain View, Calif.-based Verisign, a managed security service provider, said that it has immediately discontinued the flawed MD5 cryptographic function used for digital signatures, while offering a ...

Microsoft released two optional security updates Tuesday to block digital certificates that use the MD5 hashing algorithm and to improve the network-level authentication for the Remote Desktop ...

In reaction to the news today that security researchers have come up with a way to spoof the digital certificates that secure many Web sites, Microsoft Corp. downplayed the threat to users. In a ...

Mozilla also acknowledged the MD5 algorithm could be hacked and phony digital certificates created as a result, but said it hadn't seen any evidence of actual attacks In reaction to the news today ...

The good news is that most CA’s now use SHA-1 as their hash algorithm, but there are still a few CA’s that use MD5. The researchers constructed the attack “using … a cluster of more than 200 ...

Following the success of researchers last week in creating a false SSL certificate based on VeriSign’s RapidSSL brand, the company is scrambling to explain how it happened, how it’s preventing it from ...

A design flaw in the decades-old RADIUS authentication protocol allows attackers to take over network devices from a man-in-the-middle position by exploiting MD5 hash collisions. The “secure enough” ...

After so many high-profile data breaches, it’s time developers learned that storing passwords is a really bad idea. And there is a perfectly workable alternative. Last week, I went to a project ...