ZDNet

XML vulnerability leads to calls for standards change

Scientists from the Ruhr University of Bochum (RUB) in Germany have devised an attack that decrypts data secured with XML encryption, a standard that allows for secured communications between Web ...
PC World

Widely Used Encryption Standard Is Insecure, Say Experts

A weakness in XML Encryption can be exploited to decrypt sensitive information, researchers say. XML Encryption is used for securing communications between Web services by many companies, including ...
Computerworld

Microsoft continues RC4 encryption phase-out plan with .NET security updates

Microsoft released optional security updates Tuesday for various versions of the .NET Framework that prevent the RC4 encryption algorithm from being used in TLS (Transport Layer Security) connections.
CSOonline

New collision attacks against triple-DES, Blowfish break HTTPS sessions

Legacy ciphers such as triple-DES and Blowfish are vulnerable to Sweet32 attacks, which let attackers decrypt HTTPS sessions even without the encryption key There is now a practical, relatively fast ...