No, not exactly. The SHA-1 hashing algorithm still does what it is supposed to do. SHA-1 creates an unpredictable 20 byte “fingerprint” of the data input into the function, in this case a web server certificate. It is the unpredictability of the output that makes cryptographic hash functions so useful. … Continue reading
Yes, it is possible in theory to forge the Web Server Certificate that is used in SSL/TLS communication. This is because the certificate is signed by a certificate authority that your browser trusts using a cryptographic hashing algorithm of a specific length. The hashing algorithms that have been used to… Continue reading
https://www.fedscoop.com/fedramp-google-cloud-high-ato/
Hello world! fwd:cloudsec is a new cloud security conference taking place in Houston on June 29, 2020. We're interested in all clouds, attack and defense, and more. We want to talk about the stuff that the vendor conferences don't.
Read more at https://fwdcloudsec.org/
I will be ery interesting to look into the forensic implications of this new capability: https://aws.amazon.com/blogs/aws/new-programmatic-access-to-ebs-snapshot-content/
