Ars Technica

Crypto attack that hijacked Windows Update goes mainstream in Amazon Cloud

Underscoring just how broken the widely used MD5 hashing algorithm is, a software engineer racked up just 65 cents in computing fees to replicate the type of attack a powerful nation-state used in ...
Network World

Cracking MD5 … with Google?!

The MD5 algorithm has a new vulnerability: Google! Here’s a piece of news that will worry anyone interested in security (which should be pretty much everyone who reads Network World): A programmer by ...
Threat Post

Microsoft Details Flame Hash-Collision Attack

The details of the collision attack used by the Flame malware authors to create a forged code-signing certificate for Microsoft code are beginning to emerge, and the company said that the attackers ...
Search Engine Roundtable

Google Doesn't Decode MD5 Hash URLs For Keywords

I love seeing Google SEO related questions I've never seen before and this one, I never saw before. Does Google decode md5 hash values in URLs to extract hidden keywords within them for image search ...
Infosecurity-magazine.com

Proof of Concept Attack Further Discredits MD5

Researchers from the École Polytechnique Fédérale de Lausanne in Switzerland, the Eindhoven University of Technology and the University of Berkeley among others used the machines to create a rogue ...
Wired

Researchers Use PlayStation Cluster to Forge a Web Skeleton Key

A powerful digital certificate that can be used to forge the identity of any website on the internet is in the hands of in international band of security researchers, thanks to a sophisticated attack ...
Ars Technica

iOS 5 now protects against DigiNotar, MD5-signed certs

iOS 5, still slowly rolling out to users after its launch on Wednesday, not only brings new features—it also brings a number of important security fixes for iPhone, iPad, and iPod touch users. The ...