Pierluigi Paganini
May 08, 2015
More than four million smart meters and similar devices worldwide are open to cyber attacks due to the security issued in the Open Smart Grid Protocol. The Open Smart Grid Protocol (OSGP) is a family of specifications published by the European Telecommunications Standards Institute (ETSI) that are implemented today by more than four million smart […]
Pierluigi Paganini
May 08, 2015
To address the risk PCI DSS 3.1 updates requirements 2.2.3, 2.3 and 4.1 to remove SSL and early TLS as examples of strong cryptography. “The National Institute of Standards and Technology (NIST) has identified the Secure Socket Layers (SSL) v3.0 protocol as no longer being acceptable for protection of data due to inherent weaknesses within the […]
Pierluigi Paganini
May 03, 2015
The Mozilla Foundation is starting the operations to phase the HTTP connections in the Firefox browser according to “encrypt the Web” movement. According to roadmap defined by the Mozilla Foundation, the organization has started the process to move toward full HTTPS enforcement in Firefox browser In November 2014 the Electronic Frontier Foundation (EFF) and other firms, […]
Pierluigi Paganini
April 21, 2015
Google is improving its services, last decision it related to the Ads, the company takes a step towards by deployeng “HTTPS Everywhere”. Another good step, coming from google involving encryption. As you may remember Google started to encrypt back in 2008, when Gmail started to use HTTPS. Since 2008, Google has done a remarkable work […]
Pierluigi Paganini
April 14, 2015
The NYDFS released a new report on the Cyber Security in the Banking Sector that highlights problems faced by almost every bank in the US with third party vendors. Last week, The New York State Department of Financial Services (NYDFS) released a report on the Cyber Security in the Banking industry, the analysis revealed several disconcerting […]
Pierluigi Paganini
April 13, 2015
Encryption has been used by more people over time and this has led to the NSA and the US Government to suggest new ways of accessing encrypted content. The uprising course of encryption and the fact that its use has become a lot more frequent and continues on increasing in popularity has made the United States wonder how they […]
Pierluigi Paganini
April 03, 2015
The security audit of the popular encryption software TrueCrypt reveals the absence of the backdoor and other significant flaws exploitable by the NSA. The news of the day is the conclusion of the security audit of the popular encryption tool TrueCrypt that confirmed the absence of any backdoor neither critical design vulnerabilities inside the source code. TrueCrypt is a […]
Pierluigi Paganini
March 28, 2015
Security experts at Minded Security firm have recently discovered a flaw in the popular networking library for iOS and OS X AFNetworking. The researchers Simone Bovi and Mauro Gentile at the security firm Minded Security discovered a flaw in the popular networking library for iOS and OS X AFNetworking. The researchers found the flaw while were […]
Pierluigi Paganini
March 27, 2015
Bar Mitzvah is the name of a new attack on RC4-Based SSL/TLS encryption that allows disclosure of sensitive data by exploiting a 13-Year-Old Vulnerability. Both Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS) cryptographic protocols rely on the Rivest Cipher 4 (RC4) algorithm to encrypt data transfers. The problem is that the […]
Pierluigi Paganini
March 17, 2015
New versions of OpenSSL will be released on Thursday to patch critical security vulnerabilities, one of which is considered very dangerous. The OpenSSL Project Team announced in an advisory published on Monday that new versions of OpenSSL will be released on Thursday to patch several security vulnerabilities. The disconcerting news is that at least one of them […]
