ZDNet

MD5 password scrambler 'no longer safe'

The original author of the MD5 password hash algorithmhas publicly declared his software end-of-life and is "no longer considered safe" to use on commercial websites. This comes only a day after a ...
PC World

Continued support for MD5 endangers widely used cryptographic protocols

The old and insecure MD5 hashing function hasn’t been used to sign SSL/TLS server certificates in many years, but continues to be used in other parts of encrypted communications protocols, including ...
CSOonline

MD5 attack puts RADIUS networks everywhere at risk

A design flaw in the decades-old RADIUS authentication protocol allows attackers to take over network devices from a man-in-the-middle position by exploiting MD5 hash collisions. The “secure enough” ...
Threat Post

Microsoft Starts Countdown on Eliminating MD5

Microsoft has given customers six months to find MD5 installations and prepare for a February 2014 patch that will block the broken algorithm. The clock is running on Windows administrators to sweep ...
Krebs on Security

Tag Archives: MD5 hash

An organized gang of hackers from Russia and Ukraine has broken into internal networks at dozens of financial institutions and installed malicious software that allowed the gang to drain bank ATMs of ...
ZDNet

A quarter of major CMSs use outdated MD5 as the default password hashing scheme

Some of the projects that use MD5 as the default method for storing user passwords include WordPress, osCommerce, SuiteCRM, miniBB, SugarCRM, CMS Made Simple, MantisBT, Phorum, Observium, and X3cms.
EDN

IPsec, a Tutorial–Part II

IPsec incorporates several cryptographic operations to ensure message authenticity, data integrity, and sender nonrepudiation. In this section we will describe the mechanics of these cryptographic ...