Cybercriminals Turn the Tables on Encryption to Develop New Cybersecurity Threats
Malicious actors are now turning the tables on encryption and leveraging SSL connections to create new cybersecurity threats that subvert detection tools.
SSL Certificates Now Need Mandatory Authorization Checks
According to new guidelines, as of September 2017 SSL certificates will have to be checked against a dataset before they can be issued.
GoDaddy Goofs Up on SSL Certificate Security
GoDaddy had a SSL certificate security problem. A flawed authentication protocol caused the site to revoke 9,000 SSL certificates.
SSL Use by Malware Samples Rises
Symantec's Blue Coat security firm recently discovered an alarming spike in malware samples utilizing SSL since October 2015.
HEIST Uses a Cryptographic Scheme to Steal Data
Cybercriminals developed HEIST, or "HTTP Encrypted Information can be Stolen Through TCP-Windows," to steal data using a cryptographic scheme.
OpenSSL Can Be DROWNed by New Vulnerability
OpenSSL is vulnerable to DROWN, an attack based on support for the obsolete SSLv2 protocol, which leaves OpenSSL programs at risk.
Secure Connections? Virtually All SSL VPN Servers Miss the Mark
A recent study from High-Tech Bridge indicated that the vast majority of SSL VPN servers are unsecured, and many are years behind the industry.
Don’t Count On It: SSL Security Lacking at Big UK Banks
Recent research from one security firm found that SSL security was significantly lacking — and in some cases failing — at major banks around the U.K.
Google No Longer Trusts Symantec’s Root Certificate
Google has recently announced it will not trust Symantec's new root certificate on Chrome, Android and other Google products.
Testing Your SSL Encryption Can Provide Important Security Insights
New, free SSL encryption tests can show areas for improvement with regard to email protection and the best practices for maintaining application security.