Blog Posts Tagged with "SSL"

69dafe8b58066478aea48f3d0f384820

Microsoft Workaround for the SSL/TLS Vulnerability

September 28, 2011 Added by:Headlines

"If the user closes all existing HTTP tabs and untrusted HTTPS tabs, then browses to the trusted HTTPS site... and logs out of that HTTPS session before browsing any other HTTP sites or untrusted HTTPS sites, the user will NOT be at risk for this attack..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

BEAST Emerges: Browser Exploit Against SSL/TLS

September 26, 2011 Added by:Headlines

"Cookie[s] [are] encrypted so that an attacker can't grab it and use it himself on your online banking site and impersonate you. But now they are able to decrypt those cookies on the fly and then hijack that session with the secure site and effectively impersonate you..."

Comments  (3)

4ed54e31491e9fa2405e4714670ae31f

Firefox Add-On Cocoon – Strengths and Weaknesses

September 25, 2011 Added by:Kyle Young

Using tools like ettercap, sslstrip, webmitm, dnsspoof, and wireshark, I was not able to retrieve the login credentials that were used to sign on to Cocoon’s privacy service. The way they have implemented SSL with this plugin is probably one of the best SSL implementations I’ve seen in my opinion...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Scammers Exploiting Bogus DigiNotar SSL Certificates

September 20, 2011 Added by:Headlines

Security provider Barracuda Networks has warned of a spamming campaign targeting Royal Bank of Canada customers. The spam messages falsely notify users that their SSL certificate has expired, and that in order to continue using online banking services they are required to update the certificate...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

DigiNotar Files for Bankruptcy Following Security Lapse

September 20, 2011 Added by:Headlines

DigiNotar has filed a voluntary bankruptcy petition following a serious breach of security. “We are working to quantify the damages caused by the hacker’s intrusion into DigiNotar’s system and will provide an estimate of the range of losses as soon as possible..."

Comments  (0)

3ac1b4d00e292a1a670a4df0e460892a

Companies Using Secure Protocols in an Insecure Manner

September 16, 2011 Added by:Cor Rosielle

I only looked at the Fortune 500 companies with knowledgeable IT and security staff, and with a board and directors who should care about security and have sufficient budget to get these basic things right. Let's hope the companies are as disappointed about these results as I was...

Comments  (8)

69dafe8b58066478aea48f3d0f384820

DigiNotar Banned from Issuing New Digital Certificates

September 16, 2011 Added by:Headlines

"An unauthorized third party (hacker) has been active on the CA server that is used for issuing qualified certificates... The integrity of the data on the [DigiNotar] server that is used for production and issuance of qualified certificates is therefore impossible to guarantee..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Comodohacker Claims Windows Update Compromise

September 13, 2011 Added by:Headlines

“I’m able to issue Windows updates... I already reversed ENTIRE Windows update protocol, how it reads XMLs via SSL, which includes URL, KB no, SHA-1 hash of file for each update, how it verifies that downloaded file is signed using WinVerifyTrust API..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Facebook Implements New Privacy Feature

September 08, 2011 Added by:Headlines

Users will be prompted when another member tags them, and the content will not be displayed on the users wall publicly until approved. The new feature allows members more active control over the type of content they can be associated with at the request of other Facebook users...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Preliminary Report on Bogus DigiNotar Certificates

September 06, 2011 Added by:Headlines

"A number of servers were compromised. The hackers have obtained administrative rights to the outside webservers, the CA server Relaties-CA and also to Public-CA. Traces of hacker activity started on June 17th and ended on July 22nd..."

Comments  (0)

959779642e6e758563e80b5d83150a9f

Securing Web Servers with SSL

August 31, 2011 Added by:Danny Lieberman

So where does SSL fit in? Well, we know that the vulnerabilities for a PHI data breach can not only happen inside any layer but in particular there are vulnerabilities in the system interfaces between layers. That means between server layers and client-server interfaces...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Potentially Hundreds of Bogus Digital Certificates Issued

August 31, 2011 Added by:Headlines

"Chrome's hardcoded certificate blacklist actually increased by 247 entries... When a Comodo reseller was hacked back in March and its infrastructure was used to issue rogue certs for Google, Hotmail, Yahoo and other sites, Chrome's blacklist increased with just 10 certs..."

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

The Life of a Zero Day Worm

August 18, 2011 Added by:Javvad Malik

Given the number of devices currently connected to the internet, factoring in new devices that are being added daily, subtracting devices being removed, factoring in energy reserves and the possibility of a giant tsunami wiping out humanity, I have approximately 134.2 years to go...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Encrypting the Web with HTTPS Everywhere

August 08, 2011 Added by:Headlines

"Your online reading habits and activities are vulnerable to eavesdropping, and your accounts are vulnerable to hijacking... Electronic Frontier Foundation created HTTPS Everywhere to make it easier for people to keep their user names, passwords, and browsing histories secure and private..."

Comments  (0)

4085079c6fe0be2fd371ddbac0c3e7db

SysAdmin Basics: Why Account Management Is Critical

July 31, 2011 Added by:Jamie Adams

Many SysAdmins are distracted by the urge to patch to address vulnerabilities they aren't susceptible to, or to configure their systems with nifty tricks they found or “how-to” website. This urge is rooted in their belief they are a warrior combating the forces of evil in a cyber war...

Comments  (0)

6429389c5e8a4c9555be876f8484331a

Webcast: The State of SSL on the Internet

June 20, 2011 Added by:Sasha Nunke

The SSL (TLS) protocol is the security backbone of the Internet, but surprisingly little is known about how it is deployed. This session will present the results of the first publicly available survey aimed at assessing the state of SSL. It will also provide documentation and free tools...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »