GnuTLS

Pierluigi Paganini June 06, 2014
New critical flaws discovered in OpenSSL, patch now

The OpenSSL Foundation has fixed a series of new vulnerabilities, two of them considered critical. Organizations are invited to apply patches asap. The Open SSL has provided a collection of updates for its libraries to fix a series of new vulnerabilities recently reported. The exact number of vulnerabilities affecting OpenSSL is 6 and two of them are […]

Pierluigi Paganini June 05, 2014
The GnuTLS Hello flaw leaves vulnerable SSL clients

Experts at security firm Codenomicon discovered a critical buffer overflow vulnerability in the implementation of the GnuTLS software. GnuTLS, a free software implementation of SSL/TLS/DTLS protocols, it offers a set of application programming interface (API) to enable secure communication over their network transport layer. News of the day is that the widely used cryptographic library is vulnerable […]

Pierluigi Paganini March 07, 2014
HTTPS traffic analysis can leak user sensitive data

A Team of US researchers at UC Berkeley conducted a study on the HTTPS traffic analysis of ten widely used HTTPS-secured Web sites with surprising results. User’s privacy is considered a top priority after Snowden‘ revelations on the US surveillance program, recently a couple of cases have shocked IT security community both related to the […]

Pierluigi Paganini March 05, 2014
GnuTLS flaw in certificate verification exposes Linux world to attacks

A serious flaw in the certificate verification process of GnuTLS exposes Linux distros, apps to attack. Another flaw exploitable for surveillance purposes. GnuTLS is an open source secure communications library implementing the SSL, TLS and DTLS protocols, it is used in hundreds of software packages including Red Hat desktop,  all Debian and Ubuntu Linux distributions and many […]