“Perhaps most dangerous leak of the year so far”
A leak that may end up exposing the user passwords of many popular platforms and applications has been uncovered by a Google researcher recently. Major services indicated to be vulnerable may include Uber, FitBit, and OKCupid.
“Cybersecurity experts still concerned over continued threat”
A Google Chrome malware program still poses a threat to users after several months of circulation. Proofpoint has officially warned hackers that the program can inject script into inefficiently protected pages, targeting Chrome browsers specifically. It will then rewrite the compromised website to the affected users browser, making the page unreadable and provides a fake issue for the user to resolve,
“First real-world collision against SHA-1 hash”
Security researchers have now witnessed the first collision against the SHA-1 hash function, resulting in the duplication of a PDF file with the same signature. The algorithm’s security-sensitive functions are now entirely vulnerable, and should not be used for any secure files.