- January 07, 2020
Threat actors appear to be exploiting vulnerable Pulse Secure VPN servers to hit enterprises with ransomware attacks, even though a patch has been available since April 2019.
- October 08, 2019
Nation-state hackers are exploiting previously disclosed vulnerabilities in VPNs from Pulse Secure, Palo Alto Networks and Fortinet, according to a security advisory from the NSA.
- February 12, 2019
Two senators called on the Department of Homeland Security to investigate the possibility that VPNs are allowing valuable information to be routed to foreign adversaries.
- January 30, 2018
Experts urge users to patch a new Cisco ASA vulnerability that earned the most critical CVSS score of 10.0 and could lead to remote code execution and denial-of-service attacks.
- February 27, 2017
After Google rolled out the latest version of Chrome, Blue Coat proxy software issues prompt rollback of TLS 1.3 support in latest version of Chrome browser.
- October 13, 2016
Academic researchers show how to place undetectable encryption backdoors in cryptographic keys and passively decrypt data, which could undermine confidence in certain algorithms.
- September 30, 2016
The cure for a low-severity OpenSSL vulnerability proves worse than the disease, as it opened a new, critical flaw, forcing the OpenSSL Project to rush out a new set of patches.
- August 16, 2016
Fidelis Cybersecurity reports notorious Vawtrak banking Trojan gets upgrades to increase security and evade detection, including SSL pinning and domain generation algorithm.
- December 22, 2015
The Payment Card Industry Security Standards Council unexpectedly pushed back the deadline for enterprises to migrate off of early versions of TLS.
- December 03, 2015
Amazon's s2n passed its first test by patching a flaw quickly, but experts said enterprises still need to be wary of the complexities surrounding TLS implementation.
- May 20, 2015
A newly discovered TLS vulnerability that affects thousands of websites, servers and browser users could allow attackers to bypass encryption.
- April 29, 2015
As SSL traffic increases, so inevitably will the number of attacks using it to hide. A session at RSA Conference 2015 explained why hackers love SSL, and how enterprises can defend against them.
- April 28, 2015
Expert Karen Scarfone examines the top SSL VPN products available today to help enterprises determine which option is the best fit for them.
- April 10, 2015
News roundup: Technology and security acquisitions have seen some healthy activity in 2015, driven by two key trends. Plus: 75% of users aren't vulnerable to Heartbleed?; White House hack tied to phishing; first state digital ID law.
- March 31, 2015
Qualys has added a free, public API to its SSL testing services, which will enable an enterprise to test any website or server for SSL vulnerabilities.