Threat Post

Steam Patches Broken Crypto in Wake of Replay, Padding Oracle Attacks

The digital gaming platform Steam was quick to patch a cryptographic issue in the client recently that could have allowed an attacker to read sensitive information sent over its network, take over an ...
Threat Post

‘Padding Oracle’ Crypto Attack Affects Millions of ASP.NET Apps

A pair of security researchers have implemented an attack that exploits the way that ASP.NET Web applications handle encrypted session cookies, a weakness that could enable an attacker to hijack users ...