Network Protocols and Security
- March 14, 2017
SHA-1 certificates are still in play, despite browser deprecation, as SAP Ariba advises legacy users to use unpatched browsers to avoid error messages, blocked access.
- February 27, 2017
After Google rolled out the latest version of Chrome, Blue Coat proxy software issues prompt rollback of TLS 1.3 support in latest version of Chrome browser.
- February 23, 2017
SHA-1 deprecation in browsers comes as researchers create hash collisions and Google offers website and developer tools to protect against malicious uses.
- February 14, 2017
Panel at RSAC on cryptography trends offers views on AI's coming domination of cybersecurity, quantum computing and quantum cryptography, politics and elections and more.
- February 01, 2017
SSH creator Tatu Ylonen explains why IoT SSH implementations can be dangerous and presents real-world examples of threat actors abusing SSH keys to attack enterprises.
- January 27, 2017
In part two of his interview with SearchSecurity, SSH creator Tatu Ylonen explains why proper SSH key management is crucial and how attackers can use lost or exposed keys.
- January 20, 2017
SSH creator Tatu Ylonen talks with SearchSecurity about how the cryptographic network protocol has grown over the years and why poor SSH security is jeopardizing enterprises today.
- December 30, 2016
In this episode of SearchSecurity's Risk & Repeat podcast, SSH creator Tatu Ylonen talks about the SSH security issues facing enterprises today and how they should be addressed.
- November 21, 2016
As the internet prepares for deprecation of the obsolete secure hashing algorithm, Google and other browser companies prepare to drop support for SHA-1 certificates.
- October 13, 2016
Akamai researchers discovered how unknown threat actors are using an SSH flaw to secretly gain control of IoT devices and turn them into proxies for malicious traffic.
- September 28, 2016
New SWIFT security policy will mandate baseline controls for banking partners, but experts are unsure how effectively the changes can be enforced.
- September 28, 2016
Domain name system watchdog ICANN has begun the process of updating the DNS root zone signing key to strengthen DNSSEC protection against man-in-the-middle attacks.
- August 31, 2016
SWIFT told clients there have been more attacks on its bank messaging system and some have resulted in bank thefts, but no solutions to security are available.
- August 18, 2016
The SWIFT banking system had a number of high-profile hacks earlier this year, and execs are now admitting they ignored security issues until it was too late.
- August 05, 2016
Black Hat researchers report flaws in key web protocols, demonstrating widespread flaws in HTTP/2 implementations; Banner Health announces breach affecting 3.7 million.