Manage SSL/TLS certificates across IT environments with Qualys CertView
Qualys announced CertView, a new app framework in the Qualys Cloud Platform that enables customers to discover, assess and manage SSL/TLS certificates on a global scale, …
TLS security: Past, present and future
The Transport Layer Security (TLS) protocol as it stands today has evolved from the Secure Sockets Layer (SSL) protocol from Netscape Communications and the Private …
Making HTTPS phishing sites easier to spot
For years, we taught users that a website’s URL that includes https at its very beginning is a relatively good indicator of whether they can safely input sensitive …
Breaking TLS: Good or bad for security?
As the use of TLS by malware and phishing increases, some security practitioners are seeking solutions to break TLS so they can monitor all traffic in and out of their …
The HTTPS interception dilemma: Pros and cons
HTTPS is the bread-and-butter of online security. Strong cryptography that works on all devices without complicating things for users. Thanks to innovative projects like …
Inline SSL solution eliminates network blind spots
At RSA Conference 2017, Gigamon announced an expansion to its GigaSECURE SSL/TLS Decryption solution, with new inline capabilities, bringing enhanced visibility into encrypted …
The security impact of HTTPS interception in the wild
HTTPS deployment is on an upward trajectory, and this growth is accompanied by the increasing HTTPS interception and SSL inspection by enterprise-grade firewalls, web filters, …
Google launches its own Root Certificate Authority
Google is known for slipping fingers in many pies, so it should not come as a surprise that it has opted for starting its own Root Certificate Authority. With the increased …
Final warning: Popular browsers will soon stop accepting SHA-1 certificates
Starting with Chrome 56, planned to be released to the wider public at the end of January 2017, Google will remove support for SHA-1 certificates. Other browser makers plan to …
Chrome will start labeling some HTTP sites as non-secure
Slowly but relentlessly, Google is pushing website owners to deploy HTTPS – or get left behind. The latest announced push is scheduled for January 2017, when Chrome 56 …
Secure mobile communications explained
For a typical consumer, seeing Secured by SSL is all it takes to reassure them that whatever they are doing online is safe and secure. Awareness also teaches these same users …
Too many Cisco ASA boxes still open to an EXTRABACON attack
Among the Equation Group exploits leaked by the Shadow Brokers, the one named EXTRABACON that targets Cisco ASA devices got the most attention from security researchers and …