encryption Archives - Page 4 of 21

Pierluigi Paganini July 04, 2018

Huawei enterprise and broadcast products have a crypto bug. Fix it now!

Huawei has rolled out security fixes for some enterprise and broadcast products to address a cryptography issue tracked as CVE-2017-17174. Huawei has released security updates for some enterprise and broadcast products to address a cryptography issue that was discovered in late 2017. The vulnerability, tracked as CVE-2017-17174, is related to the implementation of an insecure encryption […]

Pierluigi Paganini June 19, 2018

Deprecating TLS 1.0 and TLS 1.1 … kill them now!

The Internet-Draft document if approved formally deprecates Transport Layer Security versions 1.0 (TLS 1.0) [RFC2246] and 1.1 (TLS 1.1) [RFC4346]. In March, the Internet Engineering Task Force (IETF) finally announced the approval of TLS 1.3, the new version of the Transport Layer Security traffic encryption protocol. It was a long journey, the IETF has been analyzing proposals for TLS 1.3 since April 2014, the […]

Pierluigi Paganini May 19, 2018

Chrome evolves security indicators by marking with a red warning for HTTP content

Starting with Chrome 70, Google will mark with a red warning for HTTP content, Big G is continuing its effort to make the web more secure. Since January 2017, Chrome indicates connection security with an icon in the address bar labeling HTTP connections to sites as non-secure, while since May 2017 Google is marking newly registered sites that […]

Pierluigi Paganini May 14, 2018

Critical Flaws in PGP and S/MIME Tools – Immediately disable tools that automatically decrypt PGP-encrypted email

Researchers found critical vulnerabilities in PGP and S/MIME Tools, immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email. If you are one of the users of the email encryption tools Pretty Good Privacy and S/MIME there is an important warning for you. A group of European security expert has discovered a set of critical […]

Pierluigi Paganini May 06, 2018

Google announces the open-source Asylo framework for confidential computing

Last week, Google announced the release of an open-source framework and an SDK dubbed ‘Asylo’ that allows developers to build applications targeting trusted execution environments. The Asylo framework makes it easy to protect the confidentiality and integrity of applications and data in an isolated, confidential computing environment. The framework leverages trusted execution environments (TEEs) that implements specialized execution […]

Pierluigi Paganini March 30, 2018

Ensuring best website security through SSL Certificate updates.

What are the advantages for adopting an SSL Certificates and why is it important to discover and analyze SSL Certificates online? Secure Socket Layer (SSL) has gained weight with the increasing concern of security for all sensitive data online. In fact, it is the only reliable source for secure business and data handling. The entire […]

Pierluigi Paganini March 26, 2018

The Internet Engineering Task Force has finally announced the approval of TLS 1.3

The Internet Engineering Task Force (IETF) has finally announced the approval of TLS 1.3, the new version of the Transport Layer Security traffic encryption protocol. It was a long journey, the IETF has been analyzing proposals for TLS 1.3 since April 2014, the final release is the result of the work on 28 drafts. The TLS protocol […]

Pierluigi Paganini March 06, 2018

Facebook improves link security infrastructure by implementing HSTS Preloading

Facebook has implemented HSTS preloading that instructs a browser to always use SSL/TLS to communicate with eligible websites. Facebook has upgraded its link security infrastructure to include HTTP Strict Transport Security (HSTS) preloading that instructs a browser to always use SSL/TLS to communicate with eligible websites. Facebook and Instagram links will automatically update from HTTP […]

Pierluigi Paganini February 16, 2018

OpenSSL alpha adds TLS 1.3 support in the alpha version of OpenSSL 1.1.1

OpenSSL adds TLS 1.3 (Transport Layer Security) supports in the alpha version of OpenSSL 1.1.1 that was announced this week. OpenSSL adds TLS 1.3 supports in the alpha version of OpenSSL 1.1.1 that was announced this week. TLS protocol was designed to allow client/server applications to communicate over the Internet in a secure way preventing message forgery, eavesdropping, […]

Pierluigi Paganini December 13, 2017

ROBOT Attack: RSA TLS crypto attack worked against Facebook, PayPal, and tens of 100 top domains

ROBOT ATTACK – Security experts have discovered a 19-year-old flaw in the TLS network security protocol that affects many software worldwide. The security researchers Hanno Böck and Juraj Somorovsky of Ruhr-Universität Bochum/Hackmanit, and Craig Young of Tripwire VERT, have discovered a 19-year-old vulnerability in the TLS network security protocol in the software several tech giants […]

encryption

Huawei enterprise and broadcast products have a crypto bug. Fix it now!

Deprecating TLS 1.0 and TLS 1.1 … kill them now!

Chrome evolves security indicators by marking with a red warning for HTTP content

Critical Flaws in PGP and S/MIME Tools – Immediately disable tools that automatically decrypt PGP-encrypted email

Google announces the open-source Asylo framework for confidential computing

Ensuring best website security through SSL Certificate updates.

The Internet Engineering Task Force has finally announced the approval of TLS 1.3

Facebook improves link security infrastructure by implementing HSTS Preloading

OpenSSL alpha adds TLS 1.3 support in the alpha version of OpenSSL 1.1.1

ROBOT Attack: RSA TLS crypto attack worked against Facebook, PayPal, and tens of 100 top domains

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Coyote malware is first-ever malware abusing Windows UI Automation

SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks

DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

Stealth backdoor found in WordPress mu-Plugins folder

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

QUICK LINKS

encryption

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!