ZDNet

New TLS encryption-busting attack also impacts the newer TLS 1.3

A team of academics has revealed a new cryptographic attack this week that can break encrypted TLS traffic, allowing attackers to intercept and steal data previously considered safe & secure. This new ...
Threat Post

TLS Implementations Vulnerable to RSA Key Leaks

A number of TLS software implementations contain vulnerabilities that allow hackers with minimal computational expense to learn RSA keys. A number of TLS software implementations contain ...
Linux Journal

Cipher Security: How to harden TLS and SSH

Encryption and secure communications are critical to our life on the Internet. Without the ability to authenticate and preserve secrecy, we cannot engage in commerce, nor can we trust the words of our ...
heise online

Microsoft gets more specific with outdated TLS certificates

Microsoft had already declared in March that TLS certificates with a weak RSA key are considered obsolete. The company is being more specific. In the Windows IT Pro Blog, Microsoft writes that the ...
Threat Post

Second NSA Crypto Tool Found in RSA BSafe

Academics are expected to release a study this week that demonstrates how the NSA used a second cryptographic tool in RSA BSafe crypto libraries called Extended Random to facilitate its spying efforts ...
IT News For Australia Business

Decades-old ROBOT flaw busts open TLS

Facebook, PayPal and other popular websites are at risk from a cryptography flaw in the transport layer security (TLS) protocol that could enable attackers to decrypt communications and traffic. The ...
CSOonline

Continued support for MD5 endangers widely used cryptographic protocols

The old and insecure MD5 hashing function hasn’t been used to sign SSL/TLS server certificates in many years, but continues to be used in other parts of encrypted communications protocols, including ...