PC World

Microsoft Patch Tuesday advisories urge ditching old, weak crypto algorithms

Microsoft patched serious vulnerabilities Tuesday in Windows, Internet Explorer and Office, but also urged customers to stop using the aging RC4 cipher and SHA-1 hashing function in their systems and ...
Computerworld

Microsoft continues RC4 encryption phase-out plan with .NET security updates

Microsoft released optional security updates Tuesday for various versions of the .NET Framework that prevent the RC4 encryption algorithm from being used in TLS (Transport Layer Security) connections.
CSOonline

New collision attacks against triple-DES, Blowfish break HTTPS sessions

Legacy ciphers such as triple-DES and Blowfish are vulnerable to Sweet32 attacks, which let attackers decrypt HTTPS sessions even without the encryption key There is now a practical, relatively fast ...