Threat Post

Microsoft Warns Customers Away From SHA-1 and RC4

The RC4 and SHA-1 algorithms have taken a lot of hits in recent years, with new attacks popping up on a regular basis. Many security experts and cryptographers have been recommending that vendors ...
ZDNet

RC4 NOMORE crypto exploit used to decrypt user cookies in mere hours

A fresh warning concerning the use of RC4 to support secure communication channels online has been issued after researchers were able to exploit the protocol to decrypt user data in mere hours.
Threat Post

New RC4 Attack Dramatically Reduces Cookie Decryption Time

A paper, expected to be presented at USENIX, describes new attacks against RC4 that make plaintext recovery times practical and within reach of hackers. Two Belgian security researchers from the ...
Fudzilla

Microsoft to kill off RC4 and SHA-1 algorithms

Microsoft has warned developers to stop using the RC4 and SHA-1 algorithms. The algorithms have been a source of attacks lately and many have suggested phasing them out, now Redmond has wade in ...
InfoWorld

Best practices can defeat ‘devastating’ Kerberos flaw

Despite claims that the problem lies in how Microsoft implements Kerberos in Windows, standard best practices and hardening rules can stop Golden Ticket and Pass-the-Hash attacks It’s hard enough ...

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”

A prominent US senator has called on the Federal Trade Commission to investigate Microsoft for “gross cybersecurity ...
Infosecurity-magazine.com

Has HTTPS been broken?

According to a research team from Royal Holloway University London (RHUL) and the University of Illinois at Chicago, when RC4 encryption (long known to be weak) is used as part of TLS/SSL (that is, ...
Simon Fraser University

SAS/CONNECT Example

The NETENCRYPTALGORITHM option specifies that the RC4 algorithm be used for encryption in the local host session. SAS/CONNECT Remote Host The following example illustrates the content of the ...