SSL/TLS Archives - Page 5 of 13

SSL/TLS

CRIME, TIME, BREACH and HEIST: A brief history of compression oracle attacks on HTTPS

August 11, 2016

The HEIST vulnerability was presented at Black Hat USA 2016 by Mathy Vanhoef and Tom Van Goethem. In this presentation, new techniques were presented that enhanced previously …

Breathing new life into SSL VPNs: Making the most of the security benefits

August 10, 2016

Network security has been in an accelerated arms race for over a decade, with IT managers constantly adding new technologies to secure various network resources in an attempt …

Companies are embracing an enterprise-wide encryption strategy

June 30, 2016

The biggest users of encryption are companies in financial services, healthcare and pharmaceutical, as well as technology and software industries, according to Thales. A new …

Hypervisor wiretap feature can leak data from the cloud

June 10, 2016

Bitdefender has discovered that encrypted communications can be decrypted in real-time using a technique that has virtually zero footprint and is invisible to anyone except …

Bitly partners with Let’s Encrypt for HTTPS links

May 18, 2016

Bitly processes data associated with more than 12 billion clicks per month, leading to massive troves of intelligence. Now, they’re partnering with Let’s Encrypt …

After issuing 1.7M certificates, Let’s Encrypt CA officially leaving beta

April 13, 2016

Let’s Encrypt, the non-profit Certificate Authority (CA) backed by the Electronic Frontier Foundation, Mozilla, Cisco, Akamai, and others, is ready to be considered a …

Million-plus sites hosted on WordPress.com get free SSL

April 11, 2016

Friday brought some very good news for existing and future owners of sites hosted on WordPress.com: they will be getting HTTPS protection without having to pay for an SSL …

PHP, Python still fail to spot revoked TLS certificates

April 1, 2016

In 2012, a group of researchers demonstrated that SSL certificate validation is broken in many applications and libraries, and pointed out the root causes for that situation: …

DROWN attack breaks TLS encryption, one-third of all HTTPS servers vulnerable

March 1, 2016

There’s a new attack that breaks the communication encryption provided by SSL and TLS and can therefore lead to theft of extremely sensitive data exchanged between users …

Perceptions and buying practices of infosec decision makers

February 23, 2016

CyberEdge Group surveyed 1,000 IT infosec decision makers and practitioners from 10 countries, five continents, and 19 industries, and unsurprisingly, the news is not good. In …

OpenSSL bug that could allow traffic decryption has been fixed

January 29, 2016

The OpenSSL Project has pushed out new versions of the widely used OpenSSL cryptographic library, which incorporate patches for two distinct security bugs, and an update of …

SLOTH attacks weaken secure protocols because they still use MD5 and SHA-1

January 8, 2016

Researchers Karthikeyan Bhargavan and Gaëtan Leurent from INRIA, the French national research institute for computer science, have discovered a new class of transcript …

SSL/TLS

CRIME, TIME, BREACH and HEIST: A brief history of compression oracle attacks on HTTPS

Breathing new life into SSL VPNs: Making the most of the security benefits

Companies are embracing an enterprise-wide encryption strategy

Hypervisor wiretap feature can leak data from the cloud

Bitly partners with Let’s Encrypt for HTTPS links

After issuing 1.7M certificates, Let’s Encrypt CA officially leaving beta

Million-plus sites hosted on WordPress.com get free SSL

PHP, Python still fail to spot revoked TLS certificates

DROWN attack breaks TLS encryption, one-third of all HTTPS servers vulnerable

Perceptions and buying practices of infosec decision makers

OpenSSL bug that could allow traffic decryption has been fixed

SLOTH attacks weaken secure protocols because they still use MD5 and SHA-1

Don't miss

You should be able to trust organizations that handle your personal data

3 key elements to protect a Kubernetes cluster

Ransomware still winning: Average ransom demand jumped by 45%

Two business-grade Netgear VPN routers have security vulnerabilities that can’t be fixed

How to ensure that the smart home doesn’t jeopardize data privacy?