Archive for the ‘SSL encryption’ Category

OpenSSL Releases Patch For “High” Severity Vulnerability

November 10th, 2016

As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software.

The most serious of all is a heap-based buffer overflow bug (CVE-2016-7054) related to Transport Layer Security (TLS) connections using *-CHACHA20-POLY1305 cipher suites.

The vulnerability, reported by Robert Święcki of the Google Security Team on

Posted in ddos attack, dos attack, OpenSSL, OpenSSL vulnerability, secure communication, SSL Certificate, SSL encryption, website security | Comments (0)

How Certificate Transparency Monitoring Tool Helped Facebook Early Detect Duplicate SSL Certs

April 11th, 2016

Earlier this year, Facebook came across a bunch of duplicate SSL certificates for some of its own domains and revoked them immediately with the help of its own Certificate Transparency Monitoring Tool service.

Digital certificates are the backbone of our secure Internet, which protects sensitive information and communication, as well as authenticate systems and Internet users.

The

Posted in certificate authority, certificate transparency, Certificate Transparency monitoring service, CT logs, Fake SSL Certificate, HTTP, man-in-the-middle attack, SSL encryption, website encryption | Comments (0)

What is Certificate Transparency? How It helps Detect Fake SSL Certificates

April 11th, 2016

Do you know there is a huge encryption backdoor still exists on the Internet that most people don’t know about?

I am talking about the traditional Digital Certificate Management System… the weakest link, which is completely based on trust, and it has already been broken several times.

To ensure the confidentiality and integrity of their personal data, billions of Internet users blindly

Posted in certificate authority, certificate transparency, certificate transparency logs, digital Certificate, Digital Certificate Manager, forged SSL certificates, HTTPS, Lets Encrypt, SSL encryption | Comments (0)