Which app is this?

I dont think so - but from scanning the document i don't think its upgrading within a connection but only impacting future requests.

We found a new vulnerability in TLS. It's a variant of the ALPACA attack that bypasses current countermeasures. Relativly low impact - but great insight! Check it out: opossum-attack.com

Oof. Reportedly, if you got a certificate from SSL.com by putting "example[@]gmail.com" at _validation-contactemail.example.com, they would add gmail.com (!!!) to your verified domains.

A good reminder to use the CAA record, and to sign up for CT monitoring (e.g. Cert Spotter).

https://bugzilla.mo

doing this I indeed found some bugs and other inconsistent behavior of our libraries - it really added some amount of value besides the obvious

Does it do everything right? no. Is it good a writing bug free code? no. Is it good at writing the code where everyone knows how its supposed to look like but somebody has to do it? hell jeah - reviewing such code is so much faster than writing it.

I spent the last few weeks playing with Claude code to refactor our codebase, add tests and documentations - and I am kind of impressed how useful it is. For 125$ I reached >97% code coverage with full javadoc for every function in one of our projects.

The 3rd edition of WISC – Women in Security and Cryptography Workshop will take place in Bochum from June 16 to 18. Already confirmed are talks by Lejla Batina, Zinaida Benenson, Shafi Goldwasser, Martina Lindorfer, and Doreen Riepel. Registration is open now! casa.rub.de/en/events/wi...

Join our Applied Crypto group at FAU in Nürnberg as a PhD student or spread the word: we're hiring.

Our work covers many topics in real-world crypto, especially provable security and privacy of modern messaging protocols 🔐✉️

www.jobs.fau.de/jobs/7-phd-p...

Workshop on Secure Protocol Implementations in the Quantum Era (SPIQE), co-located with ACNS 2025.

The submission deadline is March 23, 2025.

More details: spiqe-workshop.github.io/call.html

I am looking forward to seeing some exciting submissions!

#Cryptography #SPIQE #ACNS2025

#FUZZING'25 CALL FOR PAPERS
──────
✨ New OC members:
* Ruijie Meng (@ruijiemeng.bsky.social; NUS)
* Rohan Padhye (@rohan.padhye.org; CMU).
✨ New paper type: Fuzzing Nuggets (short papers).

🔗 fuzzingworkshop.github.io
📅 20.March (Submission)
📅 17.April (Notification)
📅 28.June (Workshop)

Jeah I thought it was just rainy 🙈

Tbh - feels bad to deactivate my Twitter account - but at some point one has to choose a side.