Archive for the ‘SSL Certificate’ Category
As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software.
The most serious of all is a heap-based buffer overflow bug (CVE-2016-7054) related to Transport Layer Security (TLS) connections using *-CHACHA20-POLY1305 cipher suites.
The vulnerability, reported by Robert Święcki of the Google Security Team on
The OpenSSL Foundation has patched over a dozen vulnerabilities in its cryptographic code library, including a high severity bug that can be exploited for denial-of-service (DoS) attacks.
OpenSSL is a widely used open-source cryptographic library that provides encrypted Internet connections using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) for the majority of websites, as well
A Chinese certificate authority (CA) appeared to be making a significant security blunder by handing out duplicate SSL certificates for a base domain if someone just has control over its any subdomain.
The certificate authority, named WoSign, issued a base certificate for the Github domains to an unnamed GitHub user.
But How? First of all, do you know, the traditional Digital Certificate
If you have installed Trend Micro’s Antivirus on your Windows computer, then Beware.
Your computer can be remotely hijacked, or infected with any malware by even through a website – Thanks to a critical vulnerability in Trend Micro Security Software.
The Popular antivirus maker and security firm Trend Micro has released an emergency patch to fix critical flaws in its anti-virus product
A critical vulnerability resides in AFNetworking could allow an attacker to cripple the HTTPS protection of 25,000 iOS apps available in Apple’s App Store via man-in-the-middle (MITM) attacks.
AFNetworking is a popular open-source code library that lets developers drop networking capabilities into their iOS and OS X products. But, it fails to check the domain name for which the SSL
Security researchers have uncovered a zero-day vulnerability in iOS 8 that could repeatedly crash users’ Apple iPhones, iPads and iPods when the devices connect to a malicious wireless hotspot.
It’s like Denial of Service (DoS) attack on Apple’s iOS devices that results in crashing either individual iOS apps or users’ entire iPhones.
NO iOS ZONE
Adi Sharabani and Yair Amit of Mobile
Posted in Apple iphone hack, crash iphone, denial-of-service attacks, hacking Wi-Fi, iOS 8 Vulnerability, ipad hacking, iPhone hacking, SSL Certificate, Wi-Fi HotSpot, Zero-Day Vulnerability | Comments (0)
Gogo — one of the largest providers of in-flight Internet service — has been caught issuing fake SSL certificates, allowing the inflight broadband provider to launch man-in-the-middle (MITM) attacks on its own users, view passwords and other sensitive information.
The news came to light when security engineer Adrienne Porter Felt, who works on Google Chrome’s security team, was served the