Ars Technica

At death’s door for years, widely used SHA1 function is now dead

For more than six years, the SHA1 cryptographic hash function underpinning Internet security has been at death’s door. Now it’s officially dead, thanks to the submission of the first known instance of ...
Ars Technica

PGP keys, software security, and much more threatened by new SHA1 exploit

Three years ago, Ars declared the SHA1 cryptographic hash algorithm officially dead after researchers performed the world’s first known instance of a fatal exploit known as a “collision” on it. On ...
PC World

Stop using SHA1 encryption: It’s now completely unsafe, Google proves

Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm ...
eWeek

Researchers from Google, CTI Break SHA-1 Hash Encryption Function

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...
PC World

SHA-1 collision can break SVN code repositories

A recently announced SHA-1 collision attack has the potential to break code repositories that use the Subversion (SVN) revision control system. The first victim was the repository for the WebKit ...
Computerworld

Hash collision DoS vulnerability fixed in PHP 5.3.9

The PHP development team has released version 5.3.9 of the popular Web development platform in order to address a recently disclosed denial-of-service (DoS) vulnerability, as well as other security ...