The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint Cybersecurity Information Sheet selecting and securing remote access VPNs.
The National Security Agency (NSA) has issued new guidance to eliminate obsolete Transport Layer Security (TLS) protocol configurations (such as TLS 1.0, TLS 1.1, SSLv2, SSLv3 and weak ciphers).
The GNU Transport Layer Security Library (GnuTLS) patched a vulnerability hidden in code for nearly two years. The issue applies to a flaw in how TLS 1.3 session resumption works without a master key. As a result, an attacker could exploit and launch man-in-the-middle (MITM) attacks.
The National Institute of Standards and Technology (NIST) has releases its Security Publication (SP) 800-177 Revision 1, that include security guidelines and recommendations for achieving "trustworthy email".
Google announced a major security enhancement to its public Domain Name Service (DNS), the most widely used public DNS recursive resolver service used on the internet.
The Transport Layer Security (TLS) 1.3 has officially become a standard last week. The new TLS standard now offers improved privacy, security and performance to the internet security protocol.
The PCI Security Standards Council (PCI SSC) has published a minor revision to the PCI Data Security Standard (PCI DSS) for organizations that handle branded credit cards from the major card networks.
US-CERT and the CERT Coordination Center (CERT/CC) issued a security advisory on a Transport Layer Security (TLS) vulnerability dubbed "ROBOT".
The NIST standard, SP 800-177 Revision 1, Trustworthy Email (Draft) was released last month and offers up-to-date security guidance to include SPF, DKIM, DMARC, and email digital signatures and encryption (via S/MIME), among others.