Threat Post

Flame Attackers Used Collision Attack to Forge Microsoft Certificate

The attackers behind the Flame malware used a collision attack against a cryptographic algorithm as part of the method for gaining a forged certificate to sign specific components of the attack tool.
PC World

SHA-1 collision can break SVN code repositories

A recently announced SHA-1 collision attack has the potential to break code repositories that use the Subversion (SVN) revision control system. The first victim was the repository for the WebKit ...
Ars Technica

Flame malware wielded rare “collision” crypto attack against Microsoft

Attackers behind espionage software that infected Iranian computers targeted hard-to-exploit weaknesses in a cryptographic algorithm, a feat that allowed them to counterfeit a Microsoft digital ...
MIT Technology Review

The US military wants to understand the most important software on Earth

Open-source code runs on every computer on the planet—and keeps America’s critical infrastructure going. DARPA is worried about how well it can be trusted It’s not much of an exaggeration to say that ...