NSA: New guidance to eliminate obsolete TLS protocols

Post published:January 9, 2021
Post category:Authentication Configuration Management Cryptography Cybersecurity Articles Vulnerabilities & Exploits

The National Security Agency (NSA) has issued new guidance to eliminate obsolete Transport Layer Security (TLS) protocol configurations (such as TLS 1.0, TLS 1.1, SSLv2, SSLv3 and weak ciphers).

Kr00k: Wi-Fi encryption vulnerability impacts billion+ devices

Post published:February 27, 2020
Post category:Cryptography Network Security Vulnerabilities & Exploits

Security researchers have discovered a new vulnerability dubbed Kr00k (or "KrØØk") that impacts devices with Broadcom and Cypress Wi-Fi chips.

NSA: Guidance to mitigate cloud vulnerabilities

Post published:February 10, 2020
Post category:Cloud Security Configuration Management Cybersecurity Articles Third-Party Security

The National Security Agency (NSA) has released guidelines to help organizations mitigate cloud vulnerabilities. The NSA document includes four classes of vulnerabilities at most risk to threat actors.

WannaCry, Petya and Copycat Ransomware Expose Good History Lessons for Small Business and Enterprise Security

Post published:January 14, 2020
Post category:Business Continuity & Resiliency Cybersecurity Articles Cybersecurity Attacks Malware

On May 12, 2017, the now infamous WannaCry ransomware burst onto the worldwide scene. WannaCry infected over 200,000 systems and 150 countries in just 3 days.

Bluetooth BR/EDR supported devices vulnerable to cyber attacks

Post published:August 17, 2019
Post category:Network Security Security Updates & Patches Vulnerabilities & Exploits

Security researchers have identified a security vulnerability related to encryption on Bluetooth BR/EDR connections. As a result, an unauthenticated attacker near the vulnerable device could exploit the issue and escalate privileges or steal information.

WordPress 5.2 “Jaco” comes with new security features

Post published:May 10, 2019
Post category:Cryptography Security Updates & Patches

WordPress version 5.2 dubbed "Jaco" is available for download and includes a number of new security features and improvements, such as digitally-signed updates, Site Health Check, and PHP error protection.

NIST SP 800-177 Revision 1: “Trustworthy Email”

Post published:February 26, 2019
Post category:Cryptography Cybersecurity Articles Messaging Security Standards & Guidelines

The National Institute of Standards and Technology (NIST) has releases its Security Publication (SP) 800-177 Revision 1, that include security guidelines and recommendations for achieving "trustworthy email".

Cold boot attack can expose encryption keys, data on laptops

Post published:September 17, 2018
Post category:Cryptography Cybersecurity Attacks Endpoint Security
Post comments:0 Comments

Security researchers at F-Secure have uncovered a decade-old attack that exploits firmware weaknesses in laptops to expose encryption keys and sensitive data.

TLS 1.3 protocol is officially standard

Post published:August 14, 2018
Post category:Application Security Cryptography Data Privacy Standards & Guidelines

The Transport Layer Security (TLS) 1.3 has officially become a standard last week. The new TLS standard now offers improved privacy, security and performance to the internet security protocol.

Bluetooth vulnerability alert

Post published:July 24, 2018
Post category:Vulnerabilities & Exploits
Post comments:0 Comments

NCCIC has issued a security advisory and mitigation guidance for a bluetooth vulnerability that impacts Bluetooth firmware and operating system software drivers from multiple vendors.