SSL – Page 18 – WindowsTechs.com

IoT Insecurity: Pinpointing the Problems

Posted on July 21, 2016 by Tom Spring

The Internet of Things today faces many challenges and obstacles as it matures, including concerns around security and privacy. Continue reading IoT Insecurity: Pinpointing the Problems→

VU#682704: Misys FusionCapital Opics Plus contains multiple vulnerabilities

Posted on July 19, 2016 by CERT

Misys FusionCapital Opics Plus is used by regional and local financial institutions to manage treasuries. FusionCapital Opics Plus contains several vulnerabilities. Continue reading VU#682704: Misys FusionCapital Opics Plus contains multiple vulnerabilities→

Everything you need to know about loading a free Let’s Encrypt certificate into an Azure website

Posted on July 6, 2016 by Troy Hunt

Let us start with what’s wrong with the world today, and that’s certificate authorities. Just take a look at the trusted root CAs running on a Windows 10 machine:

The very premise of having these root CAs on your machine is that they ultimate get to decide which websites your

Continue reading Everything you need to know about loading a free Let’s Encrypt certificate into an Azure website→

My TLS Rant

Posted on July 6, 2016 by Craig Young

The Internet as we know it is only possible thanks to cryptography and specifically TLS (formerly known as SSL). Without this crucial technology providing a means for private online communications, e-commerce would quite simply not be a thing, and the Internet would likely be little more than a world-wide party line for sharing bad jokes. […]… Read More

The post My TLS Rant appeared first on The State of Security.

Continue reading My TLS Rant→

VU#690343: Acer Portal app for Android does not properly validate SSL certificates

Posted on July 5, 2016 by CERT

The Acer Portal app for Android allows customers to connect to the Acer Cloud. The Acer Portal app,from version 3.9.3.2003 to 3.9.3.2006,does not properly validate SSL certificates when connecting to the Acer Cloud. Continue reading VU#690343: Acer Portal app for Android does not properly validate SSL certificates→

D-Link Patches Weak Crypto in mydlink Devices

Posted on June 14, 2016 by Michael Mimoso

IoT security company Firmalyzer found that mydlink devices from D-Link use weak versions of SSL for remote connections. D-Link has updated its firmware. Continue reading D-Link Patches Weak Crypto in mydlink Devices→

“Forbidden attack” makes dozens of HTTPS Visa sites vulnerable to tampering

Posted on May 26, 2016 by Dan Goodin

Researchers say 70,000 servers belonging to others also at risk. Continue reading “Forbidden attack” makes dozens of HTTPS Visa sites vulnerable to tampering→

Aging and bloated OpenSSL is purged of 2 high-severity bugs

Posted on May 3, 2016 by Dan Goodin

Padding oracles and memory corruption threats caused by use of older schemes. Continue reading Aging and bloated OpenSSL is purged of 2 high-severity bugs→

VU#267328: HP Data Protector does not perform authentication and contains an embedded SSL private key

Posted on April 22, 2016 by CERT

The HP Data Protector does not perform user authentication,even when Encrypted Control Communications is enabled,and contains an embedded SSL private key that is shared among all installations. Continue reading VU#267328: HP Data Protector does not perform authentication and contains an embedded SSL private key→

Opportunistic Knocks – TLS & Mail Security

Posted on April 4, 2016 by Tripwire Guest Authors

Transport Layer Security (TLS) is the unsung champion and defender of all good citizens of the Internet. Rather like some invisible, altruistic Marvel superhero, it works tirelessly behind the scenes each and every day helping to protect the things we need and like to do online. Along with its now atrophied predecessor Secure Sockets Layer […]… Read More

The post Opportunistic Knocks – TLS & Mail Security appeared first on The State of Security.

Continue reading Opportunistic Knocks – TLS & Mail Security→