Even in Apple's and Google's "walled gardens", there are plenty of 2FA apps that are either dangerously incompetent, or unrepentantly malicious. (Or perhaps both.)
Read moreSerious Security: GnuTLS follows OpenSSL, fixes timing attack bug
February 14 2023Conditional code considered cryptographically counterproductive.
Read moreMary Queen of Scots Letters Decrypted
February 9 2023This is a neat piece of historical research.
The team of computer scientist George Lasry, pianist Norbert Biermann and astrophysicist Satoshi Tomokiyo—all keen cryptographers—initially thought the batch...
Read more
OpenSSL fixes High Severity data-stealing bug – patch now!
February 8 20237 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English...
Read moreHear renowned cybersecurity author Andy Greenberg's thoughtful commentary about the "war on crypto" as we talk to him about his new book...
Read moreAttacking Machine Learning Systems
February 6 2023The field of machine learning (ML) security—and corresponding adversarial ML—is rapidly advancing as researchers develop sophisticated techniques to perturb, disrupt, or steal the ML model or data. It’s a...
Read moreS3 Ep120: When dud crypto simply won’t let go [Audio + Text]
February 3 2023Latest episode - listen now!
Read moreIs it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?
Read moreSerious Security: The Samba logon bug caused by outdated crypto
January 31 2023Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important!
Read moreWe were going to write, "Once more unto the breach, dear friends, once more"... but it seems to go without saying these days.
Read more
Recent Comments