SSL and TLS VPN Security
- February 27, 2017
After Google rolled out the latest version of Chrome, Blue Coat proxy software issues prompt rollback of TLS 1.3 support in latest version of Chrome browser.
- October 13, 2016
Academic researchers show how to place undetectable encryption backdoors in cryptographic keys and passively decrypt data, which could undermine confidence in certain algorithms.
- September 30, 2016
The cure for a low-severity OpenSSL vulnerability proves worse than the disease, as it opened a new, critical flaw, forcing the OpenSSL Project to rush out a new set of patches.
- August 16, 2016
Fidelis Cybersecurity reports notorious Vawtrak banking Trojan gets upgrades to increase security and evade detection, including SSL pinning and domain generation algorithm.
- December 22, 2015
The Payment Card Industry Security Standards Council unexpectedly pushed back the deadline for enterprises to migrate off of early versions of TLS.
- December 03, 2015
Amazon's s2n passed its first test by patching a flaw quickly, but experts said enterprises still need to be wary of the complexities surrounding TLS implementation.
- May 20, 2015
A newly discovered TLS vulnerability that affects thousands of websites, servers and browser users could allow attackers to bypass encryption.
- April 29, 2015
As SSL traffic increases, so inevitably will the number of attacks using it to hide. A session at RSA Conference 2015 explained why hackers love SSL, and how enterprises can defend against them.
- April 28, 2015
Expert Karen Scarfone examines the top SSL VPN products available today to help enterprises determine which option is the best fit for them.
- March 31, 2015
Qualys has added a free, public API to its SSL testing services, which will enable an enterprise to test any website or server for SSL vulnerabilities.
- March 30, 2015
The PCI Security Standards Council has confirmed that PCI DSS 3.1 will be released in just a few weeks. According to a Gartner analyst, the surprise new release could cause major problems for merchants.
- March 13, 2015
News roundup: Hillary Clinton's decision to use a private email domain and server has created a firestorm over her email security mistakes. Plus: OpenSSL audit, Blue Coat acquisition, more Equation details emerge.
- January 09, 2015
Experts say the security industry's 'blind trust' may result in a new wave of security threats caused by fake SSL certificates, including man-in-the-middle and DNS attacks.
- November 17, 2014
Microsoft admitted that MS14-066, released last week to patch a serious Schannel security vulnerability, is causing some users to drop TLS connections.
- November 07, 2014
News roundup: Open Wi-Fi allegedly aided a fugitive in evading authorities, highlighting Wi-Fi hotspot risks as ISPs including Comcast turn residential gateways into hotspots. Plus: Google's nogotofail tool; messaging apps fail EFF security review; ...