This Month in SSL: January 2015

Here is our latest news roundup of articles about network and SSL security. Click here to see the whole series.

SSL & Encryption News

Data Security

Vulnerabilities

  • Four updates released by OpenSSL fix multiple moderate to low risk vulnerabilities found in OpenSSL.
  • Microsoft announced that they will be disabling SSL 3.0 in Azure storage on February 20, 2015.
  • Nineteen major vulnerabilities found in Java are addressed with Oracle’s new updates, the updates also disable SSL 3.0 by default.
  • Qualys discovered a major vulnerability in Linux systems known as the GHOST attack. GHOST allows an attacker access to a system without needing system credentials.
  • Adobe released patches for two zero-day vulnerabilities found in the Adobe Flash Player.

Malware

Data Breaches