Infosecurity-magazine.com

Google Swaps Out Crypto Ciphers in OpenSSL

Given recent attacks against older, commonly-used encryption modes RC4 and CBC, the Google team began implementing new algorithms – ChaCha 20 for symmetric encryption and Poly1305 for authentication – ...
Threat Post

Billions of Malicious Bot Attacks Take to Cipher-Stunting to Hide

Attackers have been tampering with TLS signatures at a scale never before seen using a technique called cipher-stunting. When it comes to cyberattacks, adversaries are focusing not just on advanced ...
Threat Post

OpenSSL Fixes Serious TLS Vulnerability

The OpenSSL Project site says that the bug doesn’t affect versions prior to 1.0.1. “A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64kB of memory to ...
CSOonline

4 best practices for managing and tracking SSL and TLS certificates

Do you know what SSL protocols you expose to your users? Are your settings optimized for security? Have you properly deprecated older TLS certs? Here's what you need to know. Most of us take Secured ...