Tag : transport layer security

image_pdfimage_print

reader comments 47 with 39 posters participating Share this story Microsoft gave its digital imprimatur to a rootkit that decrypted encrypted communications and sent them to attacker-controlled servers, the company and outside researchers said. The blunder allowed the malware to be installed on Windows machines without users receiving a security warning or needing to take ..

Leggi tutto

reader comments 46 with 30 posters participating Share this story OpenSSL, the most widely used software library for implementing website and email encryption, has patched a high-severity vulnerability that makes it easy for hackers to completely shut down huge numbers of servers. OpenSSL provides time-tested cryptographic functions that implement the Transport Layer Security protocol, the ..

Leggi tutto

reader comments 41 with 25 posters participating Share this story A major operational error by GoDaddy, Apple, and Google has resulted in the issuance of at least 1 million browser-trusted digital certificates that don’t comply with binding industry mandates. The number of non-compliant certificates may be double that number, and other browser-trusted authorities are also ..

Leggi tutto

reader comments 39 Share this story A surprisingly big number of top-name websites—Facebook and PayPal among them—recently tested positive for a critical, 19-year-old vulnerability that allowed attackers to decrypt encrypted data and sign communications using the sites’ secret encryption key. The vulnerability in the transport layer security protocol for Web encryption was disclosed in 1998 ..

Leggi tutto