Blog Posts Tagged with "SSL"

Ffc4103a877b409fd8d6da8f854f617e

Mocana Calls Heartbleed a “Wake-Up Call” for Makers of Smart Connected Devices

April 21, 2014 Added by:InfosecIsland News

Mocana today urged developers of smart connected devices – the smartphones, routers, switches, smart TVs, industrial controls, heating and ventilation systems, appliances and other commercial and consumer hardware increasingly attached to the Internet of Things (IoT) – to heed the wake-up call of Heartbleed and ensure their products are secure, private and safe.

Comments  (0)

306708aaf995cf6a77d3083885b60907

Apple Fixes iOS SSL Validation Flaw That Enables Man-in-the-Middle Attacks

February 21, 2014 Added by:Mike Lennon

Apple has released iOS 7.0.6 which patches a flaw in iOS that enables a man-in-the-middle attack of encrypted (SSL) connections

Comments  (1)

Default-avatar

Gone in 60 Months or Less

September 26, 2013 Added by:Gavin Hill

Cyber-attacks continue to advance in complexity and speed and increasingly target the keys and certificates used to establish trust—from the data center to the cloud. With the advances in technology, is a 60-month, or even a 39-month, validity period for certificates short enough to reduce risk?

Comments  (0)

7e364bbac217114a59e547b354e7f7ad

SSL Wars – Little New Hope

March 28, 2013 Added by:Gary McCully

I thought it was time to write an update regarding the current state of websites that are using SSL/TLS to protect their web applications. Sadly, the current state of SSL/TLS is pretty pathetic. As of March 19, 2013 the SSL Pulse Project reported that many of the most popular sites on the Internet are still struggling with correctly implementing SSL!

Comments  (0)

5a8300df8aa4169096932e433ec884b5

Why doesn't your VPN work on the road?

October 29, 2012 Added by:Rainer Enders

With the ubiquity of mobile devices, staying securely connected to work - in theory - should require nothing more than an internet connection, and seemingly everywhere you travel, whether that be in hotels, airports, or conference trade shows, offer such connections. But the reality is more complicate...

Comments  (0)

5a8300df8aa4169096932e433ec884b5

The Undervalued Security Benefits of IPsec

October 26, 2012 Added by:Rainer Enders

For too long, IPsec struggled with a reputation of being cumbersome to implement and manage. However, even amid the harshest of its critics, its ability to secure data has rarely, if ever, come into question. Now, through advancements in the technology's infrastructure, IPsec has become easy to use...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Key Management Errors in RuggedCom’s ROS

August 23, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a report of hard-coded RSA SSL private key within RuggedCom’s Rugged Operating System (ROS). The vulnerability with proof-of-concept (PoC) exploit code by security researcher Justin W. Clarke can be used to decrypt SSL traffic between an end user and a RuggedCom network device...

Comments  (0)

Aecf1189abe745df32ec68f5864649a6

Does Two-Factor Authentication Need Fixing?

July 03, 2012 Added by:Nick Owen

Assuming that the anti-malware companies cannot keep malware off PCs, what can be done? Well, actually stronger authentication can be applied at certain points in the online banking process to reduce exposure. When people think of two-factor authentication, they typically mean session authentication...

Comments  (1)

37d5f81e2277051bc17116221040d51c

How Do I Protect Myself When Using Wi-Fi?

June 28, 2012 Added by:Robert Siciliano

Today, with criminal hackers as sophisticated as ever, if you are using an open unsecured network on your mobile device, you risk exposing your data. There are many ways for hackers to see who’s connected on a wireless connection, and to gain access to your information...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

OTA Introduces Online Trust Index Measuring Website Security

June 07, 2012 Added by:Headlines

"OTA's work to recognize best practices for sites underscores the importance of focusing on security and privacy holistically. This year's honor roll recipients have demonstrated exceptional leadership and commitment towards consumer protection and to enhance the vitality of the internet"...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NASA Denies Iranian Hacker's SSL Certificate Breach Claims

May 29, 2012 Added by:Headlines

NASA has officially denied that the agency's systems were breached by the Iranian hacker group the "Cyber Warriors Team," which claimed to have compromised a digital SSL certificate after having coded an HTTPS protocol scanner to find weaknesses in the agency's website...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Ninety Percent of HTTPS Websites Insecure

May 08, 2012 Added by:Dan Dieterle

Of the 200,000 HTTPS websites tested, only about 10% are properly secured. Changes need to be made to the secure online transaction system. Several of the issues have already been addressed, sadly it seems that the appropriate measures to secure SSL have just not been taken...

Comments  (5)

53692ae1a8e713373b8a487ce89ee3e2

Three Areas to Test when Assessing Mobile Applications

May 02, 2012 Added by:Tom Eston

Mobile Application testing is something that will evolve as mobile apps get more complex and the business drives more towards mobile solutions. If you’re deploying mobile apps for your business it’s more important than ever to have testing done on three areas at a minimum....

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Growing Importance of Protecting Certificate Authorities

April 08, 2012 Added by:Rafal Los

We've seen a few of the largest CAs get compromised and fake certificates end up in the hands of nation-states which wanted to spy on their population. It goes without saying that there are likely more attacks that we've simply either not picked up or were unreported...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

HTTPS and Tor: Working to Protect Your Security Online

March 09, 2012 Added by:Electronic Frontier Foundation

EFF frequently recommends that Internet users who are concerned about protecting their anonymity and security online use HTTPS Everywhere, which encrypts your communications with many websites, in conjunction with Tor, which helps to protect your anonymity online...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

OTA Advocates Always On SSL

March 05, 2012 Added by:Headlines

Online Trust Alliance (OTA) is calling on the security, business and interactive advertising communities to adopt Always On SSL (AOSSL), the approach of using SSL/TLS across your entire website to protect users with persistent security, from arrival to login to logout...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »