CRN

Verisign Discontinues Flawed MD5 Certificates

Mountain View, Calif.-based Verisign, a managed security service provider, said that it has immediately discontinued the flawed MD5 cryptographic function used for digital signatures, while offering a ...
Ars Technica

Crypto attack that hijacked Windows Update goes mainstream in Amazon Cloud

Underscoring just how broken the widely used MD5 hashing algorithm is, a software engineer racked up just 65 cents in computing fees to replicate the type of attack a powerful nation-state used in ...
eWeek

Flame Exploited Long-Known Flaw in MD5 Certificate Algorithm

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...
PC World

Continued support for MD5 endangers widely used cryptographic protocols

The old and insecure MD5 hashing function hasn’t been used to sign SSL/TLS server certificates in many years, but continues to be used in other parts of encrypted communications protocols, including ...
Computerworld

Experts Warn That Some CAS Arrays Are at Risk

Security experts are warning against the use of a flawed hashing algorithm, MD5, for digital signatures to store data securely on increasingly popular content addressed storage (CAS) systems. For ...
adtmag.com

Oracle Delays Plan to Block JAR Files Signed with MD5 until April

When Oracle Corp. publishes its next quarterly patch update in April, the company will begin treating JAR files signed with the MD5 hashing algorithm as unsigned, the company announced. As of April 18 ...
ZDNet

A quarter of major CMSs use outdated MD5 as the default password hashing scheme

Some of the projects that use MD5 as the default method for storing user passwords include WordPress, osCommerce, SuiteCRM, miniBB, SugarCRM, CMS Made Simple, MantisBT, Phorum, Observium, and X3cms.