+1-888-690-2424
  • Logjam Attack and Diffie-Hellman

    Researchers have discovered a vulnerability with the Diffie-Hellman key exchange mechanism in SSL/TLS called Logjam, which is similar to the FREAK attack, and have now published Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice and a Guide to Deploying Diffie-Hellman for TLS. The Logjam vulnerability allows a man-in-the-middle (MITM) attacker to downgrade vulnerable SSL/TLS connections to 512-bit export-grade cryptography. The

        in Alerts, SSL
    0
  • Private Trust and Proxies

    With the news of Superfish, Komodia and PrivDog , there has been some interesting discussion on private trust and HTTPS proxies. Private Trust By private trust, I mean the use of private certification authorities (CAs). On the Internet, we use public trust CAs. These CAs are created in accordance with browser certificate policies, are highly secured and are audited on

        in Alerts, PKI, SSL
    0
  • Is Your SSL Server Vulnerable to a FREAK Attack?

    FREAK is a new man-in-the-middle (MITM) vulnerability discovered by a group of cryptographers at INRIA, Microsoft Research and IMDEA . FREAK stands for “Factoring RSA-EXPORT Keys.” As for the “A”, it may be a stand for Apple or Android to be discussed below. The vulnerability dates back to the 1990s, when the US government banned selling crypto software overseas, unless it used

        in Alerts, SSL, SSL Deployment
    0
  • Update – Chrome 41 Release and SHA-1

    When Google Chrome 41 is released, it will treat certificate chains using SHA-1 which are valid past January 1, 2017 as affirmatively insecure. The release date of Chrome 41 is not definitive, but it is expected to be about 6 weeks after Chrome 40. As Chrome 40 was released on January 23, 2015, we expect Chrome 41 to be released

        in Alerts, SSL, SSL Deployment
    0
  • Is Your SSL Server Vulnerable to a FREAK Attack?

    FREAK is a new man-in-the-middle (MITM) vulnerability discovered by a group of cryptographers at INRIA, Microsoft Research and IMDEA . FREAK stands for “Factoring RSA-EXPORT Keys.” As for the “A”, it may be a stand for Apple or Android to be discussed below. The vulnerability dates back to the 1990s, when the US government banned selling crypto software overseas, unless it used

        in Alerts, SSL, SSL Deployment
    0
  • Update – Chrome 41 Release and SHA-1

    When Google Chrome 41 is released, it will treat certificate chains using SHA-1 which are valid past January 1, 2017 as affirmatively insecure. The release date of Chrome 41 is not definitive, but it is expected to be about 6 weeks after Chrome 40. As Chrome 40 was released on January 23, 2015, we expect Chrome 41 to be released

        in Alerts, SSL, SSL Deployment
    0
Page 1 of 4123...»»