If you’re getting TLS connection errors that suddenly started this weekend, a tired old encryption library might be the problem.
Tag Archives: SSL
Bleichenbacher’s CAT puts another scratch in TLS
Researchers demonstrate Cache-like ATacks against RSA key exchange.
Can we really trust the browser padlock? Fake banking sites given TLS certificates
Banks, Paypal and Apple: type in the URLs wrong, and you may wind up at a typosquatter’s URL.
The OpenSSL “CVE-2015-1793” certificate verification bug – what you need to know
OpenSSL announced on Monday that it had a “high severity” update arriving in three days’ time. That’s today, and the update is out. Paul Ducklin tells you what you need to know…
Bing arrives better late than never to the encryption party
Bing, the perennial web search bridesmaid is finally going to encrypt your search data by default.
Anatomy of a LOGJAM – another TLS vulnerability, and what to do about it
We’ve had BEAST, Lucky Thirteen, BREACH, BEAST, POODLE, Heartbleed and FREAK…now, it’s LOGJAM. Paul Ducklin explains, and tells you what you can do about it.
Facebook opens up Internet.org but there’s no support for HTTPS
Facebook has opened the internet up to users in India and other countries but says it won’t immediately allow HTTPS.
The mobile “security gap” – Pinterest and Yammer the latest gappy apps
Pinterest and Yammer are the latest official mobile apps that didn’t do HTTPS correctly, leaving users at risk of imposters and phishing.
Serious Security: China Internet Network Information Center in TLS certificate blunder
TLS certificates are very important. In fact, you could say they are the cornerstone of online security, especially for e-commerce. So we thought we’d use a story about a recent certificate security blunder to remind you why…
SSCC 189 – Hey, is that your CPU on fire? [PODCAST]
Join Sophos experts Chester Wisniewski and Paul Ducklin for our weekly security podcast. Sharp, witty and educational, as usual (if we do say so ourselves)…enjoy!