Here Are The Internet’s Top Websites That Still Don’t Use Encryption
Google launches a new effort to push all websites to embrace web encryption. Continue reading Here Are The Internet’s Top Websites That Still Don’t Use Encryption
Category Archives: SSL
DROWN Attack
Earlier this week, we learned of yet another attack against SSL/TLS where an attacker can force people to use insecure algorithms. It’s called DROWN. Here’s a good news article on the attack, the technical paper describing the attack, and a very good technical blog post by Matthew Green. As an aside, I am getting pretty annoyed at all the marketing… Continue reading DROWN Attack
DROWN vulnerability could sink secure internet connections
New SSL/TLS vulnerability (CVE-2016-0800) could allow attackers to obtain encryption keys.Read More Continue reading DROWN vulnerability could sink secure internet connections
The DROWN security hole – what you need to know
DROWN is an attack on TLS/SSL, the cornerstone of web security. It’s the third reminder in 12 months that encryption backdoors hurt us all. Continue reading The DROWN security hole – what you need to know
Almost a third of HTTPS websites about to DROWN
DROWN stands for Decrypting RSA with Obsolete and Weakened eNcryption.
As Washington braces for an Apple vs. FBI encryption fight, remnants of the last crypto wars continu… Continue reading Almost a third of HTTPS websites about to DROWN
DROWN attack: 33% of all HTTPS servers declared at risk
Web servers around the world are at risk from a serious security vulnerability, dubbed the DROWN attack, which could allow hackers to steal private information.
Read more in my article on the HEAT Software blog.
Continue reading DROWN attack: 33% of all HTTPS servers declared at risk
More than 11 million HTTPS websites imperiled by new decryption attack
Low-cost DROWN attack decrypts data in hours, works against TLS e-mail servers, too. Continue reading More than 11 million HTTPS websites imperiled by new decryption attack
Darknet Moving Servers & Upgrades Etc
So way back, this was the site 10 years ago when it launched in 2006 – not ALL that much different from today to be honest. The current theme you see here has been in use since April 2010, so almost 6 years as of February 2016 – and it’s come time to change. Which […]
The post Darknet Moving Servers & Upgrades Etc appeared first on…
Read the full post at darknet.org.uk
FREAK SSL Bug Forces Security Makers to Scramble for a Fix
On March 3, security researchers noted that an age-old SSL bug—in existence for more than 10 years—allows hackers under the right conditions to exploit a man-in-the-middle attack and gain access to potentially sensitive information. FREAK (Factoring RSA-EXPORT Keys) SSL relies on outdated ‘export grade’ cryptography settings, which are still contained within some web server code today. According […]
The post FREAK SSL Bug Forces Security Makers to Scramble for a Fix appeared first on ThreatTrack Security Labs Blog.
Continue reading FREAK SSL Bug Forces Security Makers to Scramble for a Fix
FREAK SSL Bug Forces Security Makers to Scramble for a Fix
On March 3, security researchers noted that an age-old SSL bug—in existence for more than 10 years—allows hackers under the right conditions to exploit a man-in-the-middle attack and gain access to potentially sensitive information. FREAK (Factoring RSA-EXPORT Keys) SSL relies on outdated ‘export grade’ cryptography settings, which are still contained within some web server code today. According […]
The post FREAK SSL Bug Forces Security Makers to Scramble for a Fix appeared first on ThreatTrack Security Labs Blog.
Continue reading FREAK SSL Bug Forces Security Makers to Scramble for a Fix