The vulnerability of subdomain takeover in Microsoft Azure continues to pose a threat, with researchers at Keytos discovering approximately 15,000 vulnerable subdomains each month using cryptographic certificates. This relatively common exploit allows cybercriminals to impersonate organizations, launch attacks, and display spam content through legitimate sites. Despite continuous attempts to contact and notify over 1,000 organizations…

Security today relies on cryptography, an information-protection technology that uses algorithms to transform messages into a form that is difficult for a third party to decipher. For decades, computers and networks have relied on cryptography to provide confidentiality and integrity, and for common tasks like authentication. Arguably, it has become the backbone of modern cybersecurity…

To achieve long-term data protection in today’s fast-changing and uncertain world, companies need the ability to respond quickly to unforeseen events. Threats like quantum computing are getting more real while cryptographic algorithms are subject to decay or compromise. Without the ability to identify, manage and replace vulnerable keys and certificates quickly and easily, companies are…

Google researchers help developers test cryptographic implementations

Security experts from Google have developed a test suite that allows developers to find weaknesses in their cryptographic libraries and implementations. The company’s Project Wycheproof, which was released on GitHub, contains more than 80 test cases for widely used cryptographic algorithms, including RSA, AES-GCM, AES-EAX, Diffie-Hellman, Elliptic Curve Diffie-Hellman (ECDH), and the digital signature algorithm…