A security expert has managed to transfer the digital signature of one Windows program to another, without invalidating the signature. Didier Stevens, who presented the attack in his blog, exploited the fact that Microsoft's Authenticode code signing standard accepts the vulnerable MD5 hash algorithm.

ACME Security has described a way to neutralise cold boot attacks. Such attacks exploit the fact that data in the DRAM are not immediately lost when power is removed, but remain there for a period that may last from a few seconds to a minute, or even longer if cooling is in use.

We already knew that MD5 is a broken hash function. Now researchers have successfully forged MD5-signed certificates. This isn't a big deal. The research is great; it's good work, and I always like to see cryptanalytic attacks used to break real-world security systems. Making that jump is often much harder than cryptographers think.

xVM VirtualBox 2.1 software features a number of new enhancements, including: * New Accelerated 3D Graphics: Uses the industry standard application programming interface (API) for high-performance graphics, Open Graphics Library (OpenGL), allowing users to flawlessly run applications like Google Earth and CAM-based software that are popular among heavy users of imagery like industrial designers, automotive and robotics engineers, architects, etc. * Improved Network Performance...

NIST has published all 51 first-round candidates in its hash algorithm competition. (The other submissions -- we heard they received 64 -- were rejected because they weren't complete.) Their goal is to publish the accepted submissions by the end of the month, in advance of the Third Cryptographic Hash Workshop to be held in Belgium right after FSE in February.

It was successfully passed accreditation of Cryptomach Certification Authority Center. Accreditation certificate is CA №8 from 25.11.2008 to 30.11.2009 issued by the Central certifying authority of Ukraine.

Automated system of Digital Signature "Certification Authority Center" received a Certificate of conformity of State Service of Special Communication and Information Protection of Ukraine.

We have successfully install complex system of information protection between remote offices based on Encryption hardware devices. Local systems were united in a common secure distributed system with central management.

Our Company has been successfully completed testing systems for compliance with the standards in Electronic Digital Signature area and Information Security area. After testing the system turned to the expert test in State Service of Special Communication and Information Protection of Ukraine