Why to avoid SHA-1 (not really detailed besides it being out-of-date)
Highly suspicious RBGs such as MS_DRBG still exist in standards such as ISO 18031
The AES and SHA2 based DRBGs in current NIST standards are "fine", but don't only listen to NIST, which have a track record of lying about implementations and risks to architectures utilizing the recent algorithms
Update good crypto and recommended post-quantum crypto
Quantum-resistant algorithms
Why to avoid SHA-1 (not really detailed besides it being out-of-date)