NSA issues new guidance on encrypted DNS
The National Security Agency (NSA) has issued new guidance for adopting encrypted DNS over HTTPS dubbed "DoH."
Continue Reading
NSA issues new guidance on encrypted DNS
NSA: New guidance to eliminate obsolete TLS protocols
The National Security Agency (NSA) has issued new guidance to eliminate obsolete Transport Layer Security (TLS) protocol configurations (such as TLS 1.0, TLS 1.1, SSLv2, SSLv3 and weak ciphers).
Continue Reading
NSA: New guidance to eliminate obsolete TLS protocols
GnuTLS patches TLS vulnerability that could cause MITM attack
The GNU Transport Layer Security Library (GnuTLS) patched a vulnerability hidden in code for nearly two years. The issue applies to a flaw in how TLS 1.3 session resumption works without a master key. As a result, an attacker could exploit and launch man-in-the-middle (MITM) attacks.
Continue Reading
GnuTLS patches TLS vulnerability that could cause MITM attack
Kr00k: Wi-Fi encryption vulnerability impacts billion+ devices
Security researchers have discovered a new vulnerability dubbed Kr00k (or "KrØØk") that impacts devices with Broadcom and Cypress Wi-Fi chips.
Continue Reading
Kr00k: Wi-Fi encryption vulnerability impacts billion+ devices
NIST SP 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations.
Continue Reading
NIST SP 800-52 Rev. 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
YubiKey FIPS devices recalled after security issue found
Yubico has issued a recall of certain models of its YubiKey FIPS series devices after the company discovered security issues.
Continue Reading
YubiKey FIPS devices recalled after security issue found
WordPress 5.2 “Jaco” comes with new security features
WordPress version 5.2 dubbed "Jaco" is available for download and includes a number of new security features and improvements, such as digitally-signed updates, Site Health Check, and PHP error protection.
Continue Reading
WordPress 5.2 “Jaco” comes with new security features
Facebook says Millions of Instagram passwords stored in clear text
Facebook provided an update to a previously disclosed incident involving insecurely storing "tens of thousands" of Instagram users' passwords on internal servers in clear text. Facebook now says that "millions" of Instagram accounts are now impacted.
Continue Reading
Facebook says Millions of Instagram passwords stored in clear text
VPN applications exposed to critical vulnerability
Multiple VPN applications are vulnerable to not properly encrypting sensitive data and insecurely storing session cookies.
Continue Reading
VPN applications exposed to critical vulnerability
Firefox Send – a new free encrypted file transfer service
Mozilla just introduced Firefox Send, a free encrypted file transfer service that allow users to safely and simply share files via any browser.
Continue Reading
Firefox Send – a new free encrypted file transfer service