+1-888-690-2424
  • Is Your SSL Server Vulnerable to a FREAK Attack?

    FREAK is a new man-in-the-middle (MITM) vulnerability discovered by a group of cryptographers at INRIA, Microsoft Research and IMDEA . FREAK stands for “Factoring RSA-EXPORT Keys.” As for the “A”, it may be a stand for Apple or Android to be discussed below. The vulnerability dates back to the 1990s, when the US government banned selling crypto software overseas, unless it used

        in Alerts, SSL, SSL Deployment
    0
  • SSL Review: February 2015

    Part 13 of 13 in the Series — SSL Review
    Entrust’s monthly SSL review covers SSL discussions — recaps news, trends and opinions from the industry. Entrust and CA Security Council Entrust Identity ON discussed: In the Beginning – The Information Revolution Public-Key Solves Half of the Key Distribution Problem Patents, Key Escrow and the Elliptic Curve SSL and 39 Months Superfish Joins the MITM Club CA Security Council discussed:

        in Alerts, SSL
    0
  • Update – Chrome 41 Release and SHA-1

    When Google Chrome 41 is released, it will treat certificate chains using SHA-1 which are valid past January 1, 2017 as affirmatively insecure. The release date of Chrome 41 is not definitive, but it is expected to be about 6 weeks after Chrome 40. As Chrome 40 was released on January 23, 2015, we expect Chrome 41 to be released

        in Alerts, SSL, SSL Deployment
    0
  • POODLE for TLS

    Part 3 of 3 in the Series — Poodle
    The POODLE attack on SSL 3.0 has now been extended to some implementations of TLS. POODLE for TLS can be tracked through CVE-2014-8730. Adam Langley states that “TLS’s padding is a subset of SSLv3’s padding so, technically, you could use an SSLv3 decoding function with TLS and it would still work fine. It wouldn’t check the padding bytes but that wouldn’t cause

        in Alerts, SSL
    0
  • Update – Chrome 41 Release and SHA-1

    When Google Chrome 41 is released, it will treat certificate chains using SHA-1 which are valid past January 1, 2017 as affirmatively insecure. The release date of Chrome 41 is not definitive, but it is expected to be about 6 weeks after Chrome 40. As Chrome 40 was released on January 23, 2015, we expect Chrome 41 to be released

        in Alerts, SSL, SSL Deployment
    0
  • POODLE for TLS

    Part 3 of 3 in the Series — Poodle
    The POODLE attack on SSL 3.0 has now been extended to some implementations of TLS. POODLE for TLS can be tracked through CVE-2014-8730. Adam Langley states that “TLS’s padding is a subset of SSLv3’s padding so, technically, you could use an SSLv3 decoding function with TLS and it would still work fine. It wouldn’t check the padding bytes but that wouldn’t cause

        in Alerts, SSL
    0
Page 1 of 4123...»»