Newest stories submitted by hanno.

1. 19

   badkeys.info - checking cryptographic keys for known vulnerabilities cryptography security badkeys.info

   authored by hanno 20 days ago | archive

   Archive.org Archive.today Ghostarchive

   | 4 comments
   4
2. 7

   Picking parameters cryptography security imperialviolet.org

   via hanno 2 months ago | archive

   Archive.org Archive.today Ghostarchive

   | no comments
   0
3. 39

   Fermat Attack on RSA cryptography security fermatattack.secvuln.info

   authored by hanno 2 months ago | archive

   Archive.org Archive.today Ghostarchive

   | 16 comments
   16
4. 31

   EU plans to mandate less secure certificates in browsers cryptography security feistyduck.com

   authored by hanno 2 months ago | archive

   Archive.org Archive.today Ghostarchive

   | 38 comments
   38
5. 40

   No STARTTLS email security nostarttls.secvuln.info

   authored by hanno 9 months ago | archive

   Archive.org Archive.today Ghostarchive

   | 19 comments
   19
6. 19

   Allow arbitrary URLs, expect arbitrary code execution security positive.security

   via hanno 1 year ago | archive

   Archive.org Archive.today Ghostarchive

   | no comments
   0
7. 37

   Malicious Commits to PHPs Git Repository php security vcs news-web.php.net

   via hanno 1 year ago | archive

   Archive.org Archive.today Ghostarchive

   | 19 comments
   19
8. 25

   Please do not put IP addresses into DNS MX records email blog.hboeck.de

   authored by hanno 1 year ago | archive

   Archive.org Archive.today Ghostarchive

   | 7 comments
   7
9. 29

   Stop using Libgcrypt 1.9.0 cryptography security lists.gnupg.org

   via hanno 1 year ago | archive

   Archive.org Archive.today Ghostarchive

   | 6 comments
   6
10. 7

    File Exfiltration via Libreoffice in BigBlueButton and JODConverter security blog.hboeck.de

    authored by hanno 1 year ago | archive

    Archive.org Archive.today Ghostarchive

    | no comments
    0
11. 3

    Generating CRIME safe CSRF Tokens security web blog.hboeck.de

    authored by hanno 2 years ago | archive

    Archive.org Archive.today Ghostarchive

    | no comments
    0
12. 34

    Userdir URLs like https://example.org/~username/ are dangerous security web blog.hboeck.de

    authored by hanno 2 years ago | archive

    Archive.org Archive.today Ghostarchive

    | 15 comments
    15
13. 43

    Let's Encrypt revoking certain certificates on March 4 security web community.letsencrypt.org

    via hanno 2 years ago | archive

    Archive.org Archive.today Ghostarchive

    | 12 comments
    12
14. 54

    #include </etc/shadow> c security blog.hboeck.de

    authored by hanno 2 years ago | archive

    Archive.org Archive.today Ghostarchive

    | 9 comments
    9
15. 9

    German BSI withholds Truecrypt security report cryptography security golem.de

    authored by hanno 2 years ago | archive

    Archive.org Archive.today Ghostarchive

    | 4 comments
    4
16. 7

    Security Issues with PGP Signatures and Linux Package Management linux security blog.hboeck.de

    authored by hanno 2 years ago | archive

    Archive.org Archive.today Ghostarchive

    | 5 comments
    5
17. 12

    ClamAV: Denial of Service through "better ZIP Bomb" security openwall.com

    authored by hanno 2 years ago | archive

    Archive.org Archive.today Ghostarchive

    | no comments
    0
18. 7

    RCE through open PHP-FPM ports php security web openwall.com

    authored by hanno 2 years ago | archive

    Archive.org Archive.today Ghostarchive

    | 5 comments
    5
19. 36

    Subdomain Takeover: Microsoft loses control over Windows Tiles security web windows golem.de

    authored by hanno 3 years ago | archive

    Archive.org Archive.today Ghostarchive

    | 3 comments
    3
20. -1

    Public letter to Jeff Bezos and the Amazon Board of Directors on climate change science medium.com

    via hanno 3 years ago | archive

    Archive.org Archive.today Ghostarchive

    | no comments
    0
21. 20

    How Google, Microsoft, and Big Tech Are Automating the Climate Crisis science gizmodo.com

    via hanno 3 years ago | archive

    Archive.org Archive.today Ghostarchive

    | 4 comments
    4
22. 5

    How to break PDF Signatures pdf security pdf-insecurity.org

    via hanno 3 years ago | archive

    Archive.org Archive.today Ghostarchive

    | no comments
    0
23. 13

    Disabling insecure Lets Encrypt validation will cause broken HTTPS setups for Debian & Ubuntu users cryptography linux security web feistyduck.com

    authored by hanno 3 years ago | archive

    Archive.org Archive.today Ghostarchive

    | 1 comment
    1
24. 19

    When your Memory Allocator hides Security Bugs debugging security web blog.fuzzing-project.org

    authored by hanno 3 years ago | archive

    Archive.org Archive.today Ghostarchive

    | 7 comments
    7
25. 18

    How my personal Bug Bounty Program turned into a Free Security Audit for the Serendipity Blog php security web blog.hboeck.de

    authored by hanno 3 years ago | archive

    Archive.org Archive.today Ghostarchive

    | 4 comments
    4