ZDNet

MD5 password scrambler 'no longer safe'

The original author of the MD5 password hash algorithmhas publicly declared his software end-of-life and is "no longer considered safe" to use on commercial websites. This comes only a day after a ...
Infosecurity-magazine.com

Proof of Concept Attack Further Discredits MD5

Researchers from the École Polytechnique Fédérale de Lausanne in Switzerland, the Eindhoven University of Technology and the University of Berkeley among others used the machines to create a rogue ...
CSOonline

MD5 attack puts RADIUS networks everywhere at risk

A design flaw in the decades-old RADIUS authentication protocol allows attackers to take over network devices from a man-in-the-middle position by exploiting MD5 hash collisions. The “secure enough” ...
ZDNet

A quarter of major CMSs use outdated MD5 as the default password hashing scheme

Some of the projects that use MD5 as the default method for storing user passwords include WordPress, osCommerce, SuiteCRM, miniBB, SugarCRM, CMS Made Simple, MantisBT, Phorum, Observium, and X3cms.
CSOonline

Microsoft moves to block MD5 certificates and improve RDP authentication

Microsoft released two optional security updates Tuesday to block digital certificates that use the MD5 hashing algorithm and to improve the network-level authentication for the Remote Desktop ...
MediaNama

Zomato says it fixed data breach; loopholes in its encryption methods

Zomato announced in a blog post today that it had contacted the unidentified hacker from yesterday’s data breach. The breach had led to details of 7.7 million users being stolen. The leaked ...