Threat Post

Steam Patches Broken Crypto in Wake of Replay, Padding Oracle Attacks

The digital gaming platform Steam was quick to patch a cryptographic issue in the client recently that could have allowed an attacker to read sensitive information sent over its network, take over an ...
Threat Post

Padding Oracle Crypto Research Prompts Confusion, Dissenting Opinions on Severity

Few things tend to spark debates and controversy in the security community like a new piece of cryptographic research. The paper by a group of academic researchers on an improvement to a padding ...
Dark Reading

'POODLE' Attacks, Kills Off SSL 3.0

Disable SSL 3.0 in browsers and servers: That's the recommendation of security experts in the wake of the discovery of a serious flaw in the nearly 15-year-old version of the encryption protocol. The ...
Ars Technica

SSL broken, again, in POODLE attack

From the researchers that brought you BEAST and CRIME comes another attack against Secure Sockets Layer (SSL), one of the protocols that’s used to secure Internet traffic from eavesdroppers both ...
ZDNet

Oracle Access Manager security bug so serious it let anyone access protected data

A bug that Oracle recently patched broke the main functionality of Oracle Access Manager (OAM), which should only give authorized users access to protected enterprise data. OAM provides an ...
Dark Reading

RSA SecurID 800 Token Attack Detailed By Researchers

A team of cryptographic scientists have found a way to exploit the RSA SecurID 800 token, as well as at least seven other tokens, by leveraging cryptographic flaws in the devices. The researchers, who ...