Lenovo’s violation of security best practices demonstrates the dangers of using self-signed certificates and the importance of the public trust system.
The new vulnerabilities found in OpenSSL do not affect SSL Certificates, but system administrators should update OpenSSL once patches are available.
Today, patches for a critical vulnerability in Schannel were released. This vulnerability could allow remote code execution on a large number of Windows platforms.
The recent SSLv3 protocol “POODLE” vulnerability does not affect SSL Certificates, but system administrators should disable SSLv3 on all servers.
Yesterday, a critical vulnerability in Bash was discovered. Today, the bug has already been found ‘in the wild’ and in use by active exploits against web servers.
The AOSP browser in pre-4.4 Android devices contains a vulnerability that allows hackers to see the contents of other web pages that are open during a browser session. This vulnerability affects a huge number of Android devices in use right now, and there is even a Metasploit module to exploit it. “This is a privacy […]
A recent update to the OpenSSL library (versions 0.9.8zb, 1.0.0n and 1.0.1i) resolves minor issues but does not affect the security of any Website.
The recent OpenSSL vulnerability update does not affect SSL Certificates, but administrators are strongly advised to update their systems.
There are several online Heartbleed detection tools that rely solely on checking the NotBefore Data. There are major flaws with this approach to Heartbleed vulnerability that administrators should consider.