This week’s tip is about not ignoring security warnings—especially those for SHA-1.
Let’s take a look at some of the more interesting articles that appeared this week on the subject of SSL Certificates and Internet security. Patch Bash NOW: ‘Shell Shock’ bug blasts OS X, Linux systems wide open This article, one of many on the topic this week, provides information about the newly-discovered “Shell Shock” bug […]
Yesterday, a critical vulnerability in Bash was discovered. Today, the bug has already been found ‘in the wild’ and in use by active exploits against web servers.
Mozilla is following Microsoft’s SHA-1 deprecation timeline and adding SHA-1 security warnings to the Firefox Web Console and browser.
Here’s a quick rundown of the most interesting articles across the Internet this week on the topic of SSL and network security. Firefox sneaks out an “inbetweener” update This week Firefox put out a “point release” to address some security issues, according to Paul Ducklin of nakedsecurity.com. Of the three fixes, one relates to SSL […]
Two easy-to-use free tools to make SHA-1 migration as easy as possible and provide a free SHA-2 certificate for sites upgrading to SHA-256.
The AOSP browser in pre-4.4 Android devices contains a vulnerability that allows hackers to see the contents of other web pages that are open during a browser session. This vulnerability affects a huge number of Android devices in use right now, and there is even a Metasploit module to exploit it. “This is a privacy […]
Let’s take a look at some of the more intriguing news articles this week about SSL Certificates and network security. Security Growing Pangs Loom For 100K+ Sites with Newly Untrusted Certificates Ericka Chickowski of InformationWeek Dark Reading reveals that last week Mozilla revoked a number of root certificates using 1024-bit keys. These root certificates chained […]
85% sites rely on security from SHA-1 certificates, this could problematic for site owners as Google rushes to end trust in SHA-1 over the next few months.