Last week, security researchers published two vulnerabilities—known as Meltdown and Spectre—which affect the majority of modern computers. Both of these vulnerabilities target low-level functionality of CPU chips, making it possible to read process- and kernel-level data. The technical explanation of these vulnerabilities can seem complex because it requires knowledge of CPU architecture. In simple terms, […]
That’s one heck of a headline, I know, but things just got real for Wi-Fi security Monday morning. Mathy Vanhoef of imec-DistriNet and Frank Piessens at KU Leuven published the results of their hard work on the authentication mechanism of the WPA2 protocol (which is used by Wi-Fi as a security layer for data traveling […]
The vulnerabilities identified today do not affect SSL/TLS Certificates, but plan to patch your OpenSSL framework as soon as possible.
The “Sweet32 Birthday Attack” does not affect SSL Certificates, but system administrators should disable any Triple-DES cipher.
Domain hijacking can damage an organization’s brand reputation and cost thousands in missed sales.
The cloud is essentially a borderless environment leaving many companies vulnerable to attack.
The vulnerabilities identified in OpenSSL do not affect SSL Certificates; system admins should patch their OpenSSL framework as soon as possible
Here is our latest news roundup of articles about network and SSL security. (Click here to see the whole series.) SSL & Encryption Google recently released a list of Certificate Authorities that are not trusted by browsers. Data Breaches A cybercriminal attempted to sell sensitive information for 1.5 million Verizon customers on the black market […]
Here is our latest news roundup of articles about network and SSL security. (Click here to see the whole series.) SSL & Encryption Security researchers have discovered a flaw dubbed the DROWN vulnerability that allows an attack to decrypt traffic from secure servers supporting SSLv2, which is obsolete. Soon after researchers announced the vulnerability, OpenSSL […]