IBM Java SDK Incomplete Fix Remote Code Execution Vulnerability
 
Oracle Java SE CVE-2016-0687 Remote Security Vulnerability
 
Samba CVE-2016-2118 Man in the Middle Security Bypass Vulnerability
 
Samba CVE-2015-5252 Symlink Vulnerability
 
OpenLDAP CVE-2015-6908 Denial of Service Vulnerability
 
Libxml2 CVE-2016-4448 Remote Format String Vulnerability
 
Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability
 
Libxml2 'xmlParseName' CVE-2016-4447 Remote Denial of Service Vulnerability
 
Eaton ELCSoft Programming Software Multiple Buffer Overflow Vulnerabilities
 
Linux Kernel Multiple Local Memory Corruption Vulnerabilities
 

(credit: Christiaan Colen)

Like many forms of encryption in use today, HTTPS protections are on the brink of a collapse that could bring down the world as we know it. Hanging in the balance are most encrypted communications sent over the last several decades. On Thursday, Google unveiled an experiment designed to head off, or at least lessen, the catastrophe.

In the coming months, Google servers will add a new, experimental cryptographic algorithm to the more established elliptic curve algorithm it has been using for the past few years to help encrypt HTTPS communications. The algorithm—which goes by the wonky name "Ring Learning With Errors"—is a method of exchanging cryptographic keys that's currently considered one of the great new hopes in the age of quantum computing. Like other forms of public key encryption, it allows two parties who have never met to encrypt their communications, making it ideal for Internet usage.

Virtually all forms of public key encryption in use today are secured by math problems that are so hard that they take millennia for normal computers to solve. In a world with quantum computers, the same problems take seconds to solve. No one knows precisely when this potential doomsday scenario will occur. Forecasts call for anywhere from 20 to 100 years. But one thing is certain: once working quantum computers are a reality, they will be able to decrypt virtually all of today's HTTPS communications. Even more unnerving, eavesdroppers who have stashed away decades' worth of encrypted Internet traffic would suddenly have a way to decrypt all of it.

Read 6 remaining paragraphs | Comments

 
WECON LeviStudio Multiple Buffer Overflow Vulnerabilities
 
Cisco Video Communication Server and Expressway CVE-2016-1444 Authentication Bypass Vulnerability
 
OpenSSL CVE-2016-2108 ASN.1 Encoder Remote Memory Corruption Vulnerability
 
Linux Kernel 'usb/core/hub.c' NULL Pointer Dereference Denial of Service Vulnerability
 
Linux Kernel CVE-2016-0723 Local Race Condition Vulnerability
 
BMW ConnectedDrive - (Update) VIN Session Vulnerability
 
BMW - (Token) Client Side Cross Site Scripting Vulnerability
 
[security bulletin] HPSBGN03628 rev.1 - HPE IceWall Federation Agent using libXML2 library, Remote Denial of Service (DoS), Unauthorized Modification, Unauthorized Disclosure of Information
 
[slackware-security] samba (SSA:2016-189-01)
 
Microsoft WinDbg logviewer.exe Buffer Overflow DOS
 
Microsoft Process Kill Utility "kill.exe" Buffer Overflow
 
Internet Storm Center Infocon Status