tls

OpenSSL fixes remote code execution bug

OpenSSL fixes remote code execution bug

Affects X86_64 processors.
Juha Saarinen Jul 6 2022 6:44AM Security
OpenSSL squarely rooted by cert parsing bug

OpenSSL squarely rooted by cert parsing bug

LibreSSL issues patches as well.
Juha Saarinen Mar 16 2022 11:53AM Security
TLS upgrade broke Azure DevOps for some users

TLS upgrade broke Azure DevOps for some users

TLS 1.0/1.1 temporarily turned back on.
Richard Chirgwin Mar 16 2022 11:50AM Security
Head over to the data centre and patch that UPS

Head over to the data centre and patch that UPS

Researchers ignited an APC Smart-UPS as proof-of-concept.
Richard Chirgwin Mar 9 2022 9:33AM Security
GoDaddy took weeks to revoke compromised certificates

GoDaddy took weeks to revoke compromised certificates

Not hours.
Juha Saarinen Dec 10 2021 2:30PM Security
Salesforce open sources malicious server scanner

Salesforce open sources malicious server scanner

JARM uses Transport Layer Security to actively fingerprint hosts.
Juha Saarinen Nov 18 2020 12:55PM Security
September ushers in halved TLS cert lifespans

September ushers in halved TLS cert lifespans

Browser vendors decided 13 months is long enough.
Juha Saarinen Aug 31 2020 11:45AM Security
US .gov sites dropping like flies as certs expire

US .gov sites dropping like flies as certs expire

Scuppered by government shutdown.
Juha Saarinen Jan 17 2019 7:16AM Security
Expired Ericsson cert causes UK and Japan mega outages

Expired Ericsson cert causes UK and Japan mega outages

Manual updates being rolled out.
Juha Saarinen Dec 7 2018 8:17AM Telco/ISP
Telstra alerts business customers after privacy snafu

Telstra alerts business customers after privacy snafu

Telstra Tools leaked contact information.
Juha Saarinen Jul 30 2018 7:01AM Security
TLS cert issuers join forces to shore up trust

TLS cert issuers join forces to shore up trust

Fighting phishing scourge.
Juha Saarinen Jun 28 2018 11:10AM Security
Google mandates TLS encrypted connections for Android apps

Google mandates TLS encrypted connections for Android apps

All networks considered hostile.
Juha Saarinen Apr 13 2018 11:46AM Security
Decades-old ROBOT flaw busts open TLS

Decades-old ROBOT flaw busts open TLS

Sites and equipment vendors issue patches.
Juha Saarinen Dec 14 2017 7:00AM Security
Chrome to provide TLS interception warnings

Chrome to provide TLS interception warnings

Former intern develops warning interstitial for browser.
Juha Saarinen Sep 11 2017 11:58AM Security
Symantec sells TLS cert business to DigiCert

Symantec sells TLS cert business to DigiCert

Billion-dollar deal.
Juha Saarinen Aug 4 2017 6:38AM Security
F5 patches Heartbleed-like 'Ticketbleed' bug

F5 patches Heartbleed-like 'Ticketbleed' bug

Server would return 31 bytes of system memory contents to clients.
Juha Saarinen Feb 10 2017 11:27AM Security
Google to tighten SSL certificate security policies

Google to tighten SSL certificate security policies

In a year.
Juha Saarinen Nov 1 2016 10:00AM Security
Is the DROWN vulnerability really that bad?

Is the DROWN vulnerability really that bad?

[Blog post] Hearts bleed for ops teams.
Tony Campbell Mar 8 2016 2:45PM Security
Major Australian banks vulnerable to DROWN SSLv2 flaw

Major Australian banks vulnerable to DROWN SSLv2 flaw

Disable SSLv2 everywhere to prevent decryption of communications.
Juha Saarinen Mar 2 2016 4:56AM Security
NIST formally chops NSA-tainted random number generator

NIST formally chops NSA-tainted random number generator

Dual_EC_DRBG algorithm no longer part of standard.
Juha Saarinen Jun 29 2015 6:47AM Security

Log In

  |  Forgot your password?