Vulnerabilities in cryptographic libraries found through modern fuzzing
Recently patched vulnerabilities in MatrixSSL and wolfSSL, two open-source TLS/SSL implementations / libraries for embedded environments, have emphasized the great potential …
Recently patched vulnerabilities in MatrixSSL and wolfSSL, two open-source TLS/SSL implementations / libraries for embedded environments, have emphasized the great potential …
A new report from security researcher and TLS expert Scott Helme, evaluates the use of encryption across the world’s top one million sites over the last six months and reveals …
Armis researchers have discovered five critical vulnerabilities in the implementation of TLS communications in multiple models of network switches. Collectively dubbed TLStorm …
Three vulnerabilities in ubiquitous APC Smart-UPS (uninterruptible power supply) devices could allow remote attackers to use them as an attack vector, disable or completely …
Digital communication, whether it is by email, phone call, SMS or video, is part of every organization’s business process, and as such requires encryption to stay …
The European Union Agency for Cybersecurity (ENISA) analyses the security pros and cons of using public DNS resolvers. A core part of the internet is the Domain Name System …
Driven by the acceleration of digital transformation and cloud migration during the pandemic, the analysis of the world’s top 1 million sites over the last 18 months shows …
Zscaler announced the release of a report that tracked and analyzed over 20 billion threats blocked over HTTPS, a protocol originally designed for secure communication over …
The OpenSSL Project has released OpenSSL 3.0, a major new stable version of the popular and widely used cryptography library. What is OpenSSL? OpenSSL contain an open-source …
The SolarWinds compromise in December 2020 and the ensuing investigation into their build services put a spotlight on supply chain attacks. This has generated a renewed …
Whether you’re a small business operating out of a single office or a global enterprise with a huge and distributed corporate network, not inspecting the encrypted traffic …
Security is not like paint: it can’t just be applied after a system has been completed. Instead, security has to be built into the system design. But how can we know that a …