Many Websites Vulnerable to 19-Year-Old TLS Decryption Attack

Many websites, firewalls and load balancers are vulnerable to an attack that can allow hackers to decrypt TLS traffic between them and users or to sign data with their certificate’s private key. The weakness was found by independent researcher Ha… Continue reading Many Websites Vulnerable to 19-Year-Old TLS Decryption Attack

PRNG Weakness Reflects Poorly on Government Crypto Certification

Security researchers discovered that the pseudorandom number generator that underpins cryptographic operations in Fortinet appliances and products from other 11 other vendors rendered encrypted traffic vulnerable to snooping for years. The affected pro… Continue reading PRNG Weakness Reflects Poorly on Government Crypto Certification