Infosecurity-magazine.com

Google Swaps Out Crypto Ciphers in OpenSSL

Given recent attacks against older, commonly-used encryption modes RC4 and CBC, the Google team began implementing new algorithms – ChaCha 20 for symmetric encryption and Poly1305 for authentication – ...
Threat Post

OpenSSL Fixes Serious TLS Vulnerability

“OpenSSL is the core cryptographic library CloudFlare uses for SSL/TLS connections. If your site is on CloudFlare, every connection made to the HTTPS version of your site goes through this library. As ...
Dark Reading

Emergency SSL/TLS Patching Under Way

The race is on to fix SSL-based websites and software in the wake of a newly revealed and dangerous flaw in the popular OpenSSL library for encrypting HTTP traffic, with nearly one-third of major ...
Threat Post

Billions of Malicious Bot Attacks Take to Cipher-Stunting to Hide

Attackers have been tampering with TLS signatures at a scale never before seen using a technique called cipher-stunting. When it comes to cyberattacks, adversaries are focusing not just on advanced ...
CSOonline

4 best practices for managing and tracking SSL and TLS certificates

Do you know what SSL protocols you expose to your users? Are your settings optimized for security? Have you properly deprecated older TLS certs? Here's what you need to know. Most of us take Secured ...