NSA Urges SysAdmins to Replace Obsolete TLS Protocols

The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols. Continue reading NSA Urges SysAdmins to Replace Obsolete TLS Protocols

Raccoon Attack: Researchers Find A Vulnerability in TLS 1.2

Bad news: there’s a vulnerability in TLS 1.2. Good news: researchers say it’s “very hard to exploit” and major vendors have already released security patches for it. A team of…
The post Raccoon Attack: Researchers Find A Vulnerability in TLS 1.2 app… Continue reading Raccoon Attack: Researchers Find A Vulnerability in TLS 1.2

Detecting GnuTLS CVE-2020-13777 using Zeek

By Johanna Amann, Software Engineer, Corelight CVE-2020-13777 is a high severity issue in GnuTLS. In a nutshell, GnuTLS versions between 3.6.4 (released 2018-09-24) and 3.6.14 (2020-06-03) have a serious bug in their session resumption code, which lets… Continue reading Detecting GnuTLS CVE-2020-13777 using Zeek

A Seismic Shift for Decrypted Visibility in the Cloud

There is a seismic shift happening in the cloud. Two great, tectonic forces of change are colliding and creating unprecedented disruption for security, DevOps and cloud professionals. Ultimately, this shift has prompted the evolution of how to gain ou… Continue reading A Seismic Shift for Decrypted Visibility in the Cloud

Facebook Open Sources Fizz — TLS 1.3 Library For Speed and Security

Facebook has open sourced Fizz—a library designed to help developers implement TLS 1.3 protocol with all recommended security and performance related configurations.

Since late last month, Google Chrome web browser has started marking all non-HTTPS we… Continue reading Facebook Open Sources Fizz — TLS 1.3 Library For Speed and Security

TLS 1.3 is nearly here

TLS 1.3 is nearly upon us, and with it comes a more secure way to do business online. We look at some of the changes coming into force soon.
Categories:

Security world
Technology

Tags: internetonlineTLSTLS 1.3transport layer security

(Read m… Continue reading TLS 1.3 is nearly here