Новини
Останнє від SSLGURU LLCNetflix have announced the release of the Message Security Layer protocol (MSL), which they describe as ‘A Modern Take on Securing Communication’. The project is available on github under the Apache 2.0 license, with implementations in Java and JavaScript. The high level goals of the protocol are to improve performance, be cross language, ...
The SSL 3.0 vulnerability stems from the way blocks of data are encrypted under a specific type of encryption algorithm within the SSL protocol. The POODLE attack takes advantage of the protocol version negotiation feature built into SSL/TLS to force the use of SSL 3.0 and then leverages this new vulnerability to decrypt select content ...
If you haven’t done it yet, it’s officially time to get your site more secure. As of this past Wednesday, Google is motivating websites to become secure and is using its search engine results’ ranking as incentive. In a recent blog post by Zineb Ait Bahajji and Gary Illyes, Webmaster Trends analysts for Google, they announced ...
Google Gmail application for iOS is exposed to risks of a Man-in-the-Middle attack which allow bad actors to monitor encrypted email communcations. A security expert at mobile security firm Lacoon has discovered that the version of Gmail for iOS based mobile device does not perform the certificate pinning procedure when ...
Insufficient web hosting security has been a subject of concern lately as successful online security breaches, like the widely publicized HeartBleed bug, have made waves across the media. Hackers are becoming increasingly advanced, and small businesses and major corporations alike are the prized targets of hackers aiming to exploit sensitive data. ...
In the past few months, a few computer security issues have become headline news. Two security issues in particular have computer users changing passwords and downloading updates on a regular basis: The Heartbleed bug and Internet Explorer control. Heartbleed is a security bug that affects web servers using OpenSSL cryptography. OpenSSL stands ...
James Lyne calls his road bike “The Beast,” and he’s brought it to Las Vegas to find out just how vulnerable wireless networks in the city and their users are to hackers. The bike’s thin titanium frame is strapped with three wireless scanners, a basic minicomputer slightly bigger than a deck of cards, a GPS unit and a battery pack to ...
The Heartbleed Bug also known as CVE-2014-0160 is a vulnerability within the OpenSSL cryptographic software library that enables all the SSL/TLS protected information to be stolen under normal conditions. The Heartbleed Bug allows attackers to easily implement MITM, phishing and data theft. Unless something is done soon, Heartbleed could ...
The biggest U.S. internet wiretapping program outside the NSA may be headed to the Supreme Court. Google is asking the high court to rule on the legality of the company’s past sniffing of unencrypted Wi-Fi traffic in neighborhoods around the country as part of its Street View program. An appeals court last September found that the sniffing ...
Phishing: The act of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Problem- Most phishing occurs when a client clicks on a URL that is embedded in an email, social media site, adware etc and is redirected to a ...
