Collaborate Disseminate
US-CERT issues alert to server admins warning of a dangerous OpenSSL vulnerability and urges 1.1.0 users update to version 1.1.0e. Continue reading OpenSSL Update Fixes High-Severity DoS Vulnerability
“Ticketbleed” bug in F5 firewalls is no Heartbleed, but it still poses a threat. Continue reading Newly discovered flaw undermines HTTPS connections for almost 1,000 sites
Mozilla says it has lost confidence in WoSign’s ability to protect HTTPS system. Continue reading Firefox ready to block certificate authority that threatened Web security
More than 600 sites found to be vulnerable to demanding exploit called Sweet32. Continue reading HTTPS and OpenVPN face new attack that can decrypt secret cookies
Approach exploits how HTTPS responses are delivered over transmission control protocol. Continue reading New attack steals SSNs, e-mail addresses, and more from HTTPS pages
Hack can be carried out by operators of Wi-Fi hotspots, where HTTPs is needed most. Continue reading New attack that cripples HTTPS crypto works on Macs, Windows, and Linux
Coming to a browser near you, new, post-quantum crypto. Continue reading HTTPS crypto is on the brink of collapse. Google has a plan to fix it
Researchers say 70,000 servers belonging to others also at risk. Continue reading “Forbidden attack” makes dozens of HTTPS Visa sites vulnerable to tampering
The lock icon will be gone by summer; sites using SHA1 to be blocked come January. Continue reading Microsoft to retire support for SHA1 certificates in the next 4 months
Padding oracles and memory corruption threats caused by use of older schemes. Continue reading Aging and bloated OpenSSL is purged of 2 high-severity bugs