This week, a group of university researchers disclosed a new vulnerability affecting the Diffie-Hellman key exchange. The Diffie-Hellman (DH) key exchange is a cryptographic method for two systems to establish a shared secret over a public communication channel, which they later use to encrypt their communications. Many encryption protocols, including HTTPS, SMTPS, IPSec VPN, SSH, and other TLS implementations, use it to set up shared secrets.
Two new high-profile hacks this week collectively exposed millions of users’ data, both more worrying than what has become a run-of-the-mill credit card breach. The reasons for concern, of course, are a bit different.
SPSS is one of the most widely used statistical analysis packages in the world.
Virtualization technology is great, but it does add new attack surface. CrowdStrike disclosed a new QEMU vulnerability that affects many popular virtualization platforms. In today’s video, I quickly summarize the issue, and share what you can do about it.
Adobe typically shares Patch Tuesday with Microsoft, but with Microsoft’s recent announcement to stop monthly patches for Windows 10, Adobe could be patching alone this month. That’s no excuse to miss patches though, so watch today’s video to learn what Adobe plans to update tomorrow. By the way, if Microsoft does release patches tomorrow, we’ll be sure to let you know
Cross-site scripting (XSS) vulnerabilities have become fairly commonplace in web applications and crop up frequently in content management systems like WordPress and Joomla! While WordPress is the most popular CMS on the Web, and therefore a popular…