Several new vulnerabilities discovered in OpenSSL; system admins should update OpenSSL once patches are available
Previously unknown vulnerability discovered in SSL v2 that can be used to exploit TLS.
Only 35% of SMTP server have configured encryption protocols correctly. Low adoption rates of encryption and authentication and improper configuration can lead to a STRIPTLS attack.
Chrome Security Panel in DevTools demystifies what connection errors keep you away from the green padlock.
Data breaches were not few in 2015. Can we learn from the past and do better in 2016?
An increase in computing power suggests that 1024-bit encryption is no longer secure enough to protect company private keys.
Here is our latest news roundup of articles about network and SSL security. (Click here to see the whole series.) SSL & Encryption News Because of recent attacks on SHA-1, Mozilla explained in a recent blog post they are considering deprecating SHA-1 earlier than scheduled by six months. The cost of resources necessary to break SHA-1 […]
On October 13, 2015, Google released Chrome 46. Chrome 46 introduces an icon change in the URL address bar for sites with minor HTTPS connection errors. Minor errors include a lack of Certificate Transparency (CT) information and/or use of SHA-1 certificates, obsolete cipher suites, and certain types of mixed content. In an effort to encourage […]
Research findings do not directly undermine the security of the Internet at large. Given the lessons learned with the MD5 full break, it is not advisable to wait until these become practically possible.