Computerworld

Core Infrastructure Initiative to delve into security of OpenSSL, OpenSSH, Network Time Protocol

The Linux Foundation today announced the first protocols that it wants to address as part of its open-source code testing and security review. Not surprisingly, OpenSSL, where the infamous Heartbleed ...
Threat Post

Audit of GitHub SSH Keys Finds Many Still Vulnerable to Old Debian Bug

An audit of the SSH keys associated with more than a million GitHub accounts shows that some users have weak, easily factorable keys and many more are using keys that are still vulnerable to the ...