Forbes

Flame's MD5 collision is the most worrisome security discovery of 2012

In 2009, while I was researching Surviving Cyberwar, I attended the COSAC security conference outside of Dublin for the first time. During an open session I posed this question to the attendees: “Can ...
Ars Technica

Crypto breakthrough shows Flame was designed by world-class scientists

The Flame espionage malware that infected computers in Iran achieved mathematic breakthroughs that could only have been accomplished by world-class cryptographers, two of the world’s foremost ...
Threat Post

Practical SHA-1 Collision Months, Not Years, Away

New research into attacks against the SHA-1 cryptographic algorithm lessen the cost and time to arrive at a practical collision. When Bruce Schneier made his oft-cited and mathematically sound ...
SlashGear

Flame Named A Cryptographic Marvel; Infected PCs Commit Suicide

Uber-malware Flame is the most complex tool for cyber espionage discovered in the wild to-date, expert cryptographers have said, the first example of an MD5 collision attack being used in earnest.
Ars Technica

Collision attacks - How do they work?

I was reading the new Ars article about Microsoft's decision to retire SHA-1 due to its vulnerability to collision attacks. The article mentions the well-publicized Flame attack of 2012, a key ...
CSOonline

MD5 attack puts RADIUS networks everywhere at risk

A design flaw in the decades-old RADIUS authentication protocol allows attackers to take over network devices from a man-in-the-middle position by exploiting MD5 hash collisions. The “secure enough” ...
Threat Post

Microsoft Starts Countdown on Eliminating MD5

Microsoft has given customers six months to find MD5 installations and prepare for a February 2014 patch that will block the broken algorithm. The clock is running on Windows administrators to sweep ...