Threat Post

SLOTH Attacks Up Ante on SHA-1, MD5 Deprecation

Researchers have demonstrated new collision attacks against SHA-1 and MD5 implementations in TLS, IKE and SSH. If you’re hanging on to the theory that collision attacks against SHA-1 and MD5 aren’t ...
Threat Post

Microsoft Details Flame Hash-Collision Attack

The details of the collision attack used by the Flame malware authors to create a forged code-signing certificate for Microsoft code are beginning to emerge, and the company said that the attackers ...
Ars Technica

Collision attacks - How do they work?

I was reading the new Ars article about Microsoft's decision to retire SHA-1 due to its vulnerability to collision attacks. The article mentions the well-publicized Flame attack of 2012, a key ...
Bleeping Computer

Latest Collision Attack news

Blast-RADIUS, an authentication bypass in the widely used RADIUS/UDP protocol, enables threat actors to breach networks and devices in man-in-the-middle MD5 collision attacks. The SHA1 (Secure Hash ...
CSOonline

Continued support for MD5 endangers widely used cryptographic protocols

The old and insecure MD5 hashing function hasn’t been used to sign SSL/TLS server certificates in many years, but continues to be used in other parts of encrypted communications protocols, including ...