Mocana offers an alternative to OpenSSL on Apache web servers
At the Black Hat USA 2014 conference, Mocana debuted its enterprise-grade NorthStar secure connectivity solution for Apache web servers, a highly secure, drop-in replacement …
Google: Websites using HTTPS will get better search rankings
Websites that don’t use HTTPS will be ranked lower in Google Search results, the web giant has announced on Wednesday. “At Google I/O a few months ago, we called …
40% of orgs running VMware still susceptible to Heartbleed
More than three months have passed since the discovery of the OpenSSL Heartbleed bug, and many systems are still vulnerable. According to data collected by data analytics …
Interest for SSL and PKI on the rise
The surge in the number of data breaches and recent security bugs such as Heartbleed has generated strong interest in digital certificates and technologies, including SSL and …
Unpatched OpenSSL holes found on Siemens ICSs
A number of Siemens industrial products have been found sporting four vulnerabilities in their OpenSSL implementation, which could lead to man-in-the-middle (MitM) attacks or …
Researcher launches SSL Blacklist
Roman Hussy, the Swiss security activist behind Abuse.ch, has started another project: the SSL Blacklist (SSLBL). Known for the trackers that keep tabs on command and control …
“Secure” UK hotel booking site leaking customer data
An infosec consultant looking to book a hotel via HotelHippo.com, owned by HotelStayUK, has ultimately discovered that the website is definitely not to be trusted with private …
(IN)SECURE Magazine issue 42 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 42 has been released today. Table of contents: Six …
Google forks OpenSSL: BoringSSL will be used in company products
Google has announced another OpenSSL fork. Dubbed BoringSSL, it will, in time, replace the OpenSSL library in various Google’s projects. “We have used a number of …
OpenSSL releases patches for critical MITM, code execution flaws
OpenSSL users, you need to patch again. The OpenSSL team released a security update that fixes 6 vulnerabilities, two of which could be considered critical. The first one is …
Critical bug in GnuTLS crypto library could allow malicious code execution
Another critical bug in an open source SSL/TLS (and DTLS) cryptographic library has been discovered and patched last week. The affected library is GnuTLS, and is used in a …
Researchers find, analyze forged SSL certs in the wild
A group of researchers from Carnegie Mellon University and Facebook has managed to get a concrete sense of just how prevalent SSL man-in-the-middle attacks using forged SSL …
Featured news
Sponsored
Don't miss
- Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!
- LastPass users targeted by vishing attackers
- Protobom: Open-source software supply chain tool
- The key pillars of domain security
- Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)