+1-888-690-2424
  • High Severity Vulnerability Found In OpenSSL

    OpenSSL has announced a high severity vulnerability, CVE-2015-1793 which will require an upgrade to some OpenSSL installations. The vulnerability was discovered by Google personnel Adam Langley and David Benjamin on June 24, 2015. Google has been working on an alternative to OpenSSL called BoringSSL. This has allowed Google to reduce vulnerabilities in their installations, but is also a benefit to

        in Alerts, SSL
    0
  • Logjam Attack and Diffie-Hellman

    Researchers have discovered a vulnerability with the Diffie-Hellman key exchange mechanism in SSL/TLS called Logjam, which is similar to the FREAK attack, and have now published Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice and a Guide to Deploying Diffie-Hellman for TLS. The Logjam vulnerability allows a man-in-the-middle (MITM) attacker to downgrade vulnerable SSL/TLS connections to 512-bit export-grade cryptography. The

        in Alerts, SSL
    0
  • Private Trust and Proxies

    With the news of Superfish, Komodia and PrivDog , there has been some interesting discussion on private trust and HTTPS proxies. Private Trust By private trust, I mean the use of private certification authorities (CAs). On the Internet, we use public trust CAs. These CAs are created in accordance with browser certificate policies, are highly secured and are audited on

        in Alerts, PKI, SSL
    0
  • Is Your SSL Server Vulnerable to a FREAK Attack?

    FREAK is a new man-in-the-middle (MITM) vulnerability discovered by a group of cryptographers at INRIA, Microsoft Research and IMDEA . FREAK stands for “Factoring RSA-EXPORT Keys.” As for the “A”, it may be a stand for Apple or Android to be discussed below. The vulnerability dates back to the 1990s, when the US government banned selling crypto software overseas, unless it used

        in Alerts, SSL, SSL Deployment
    0
  • Private Trust and Proxies

    With the news of Superfish, Komodia and PrivDog , there has been some interesting discussion on private trust and HTTPS proxies. Private Trust By private trust, I mean the use of private certification authorities (CAs). On the Internet, we use public trust CAs. These CAs are created in accordance with browser certificate policies, are highly secured and are audited on

        in Alerts, PKI, SSL
    0
  • Is Your SSL Server Vulnerable to a FREAK Attack?

    FREAK is a new man-in-the-middle (MITM) vulnerability discovered by a group of cryptographers at INRIA, Microsoft Research and IMDEA . FREAK stands for “Factoring RSA-EXPORT Keys.” As for the “A”, it may be a stand for Apple or Android to be discussed below. The vulnerability dates back to the 1990s, when the US government banned selling crypto software overseas, unless it used

        in Alerts, SSL, SSL Deployment
    0
Page 1 of 4123...»»