- Security Fixes and Improvements
- By Ionut Ilascu
- January 20th, 2015
PolarSSL Library Vulnerable to Remote Code Execution
Future release includes patch, workaround already available
- Advisories
- By Ionut Ilascu
- December 9th, 2014
POODLE Attack Also Affects Some TLS Implementations
Admins can check if the flaw impacts their servers
- Security Fixes and Improvements
- By Ionut Ilascu
- November 19th, 2014
Chrome 39 Disables SSLv3 Fallback, Awards $41,500 / €33,000 in Bounties
Double-free glitch in Flash and use-after-free vulnerability in Blink lead receive the highest rewards
- Security
- By Ionut Ilascu
- November 4th, 2014
Free Google Tool Shows Network Security Issues
It uses deep packet inspection to detect vulnerable traffic
- Advisories
- By Ionut Ilascu
- October 31st, 2014
Chrome 39 Will Have SSL 3.0 Disabled by Default, Chrome 40 Removes It Completely
TLS 1.0 to be the minimum version for encrypted connections
- Security Fixes and Improvements
- By Ionut Ilascu
- October 16th, 2014
New OpenSSL Fixes Four Security Glitches, POODLE Not the Biggest Concern
Two denial-of-service risks have been mitigated
- Security
- By Ionut Ilascu
- August 22nd, 2014
Popular Android Apps Vulnerable to Man-in-the-Middle Attacks
Issues related to trust managers, certificate verification and ignored SSL errors
- Security
- By Ionut Ilascu
- July 16th, 2014
SSL Blacklist Reveals Certificates Used by Cybercriminals
SHA1 fingerprints for bad certificates amassed in a single database
- Incidents
- By Ionut Ilascu
- July 10th, 2014
National Informatics Centre in India Compromised
Investigation does not reveal full extent of the breach
- Incidents
- By Ionut Ilascu
- July 9th, 2014
Fake Google Digital Certificates Issued by National Informatics Centre in India
Authorities are investigating the cause that led to the incident
- Security Blog
- By Ionut Ilascu
- June 21st, 2014
BoringSSL, an OpenSSL Fork for Google Products
Change prompted by large set of patches for Chrome and Android
- Web Blog
- By Lucian Parfeni
- November 14th, 2013
Google Lists All Known TLS Cipher Vulnerabilities to Help You Pick the Best
With the NSA actively trying to break internet encription, every little bit of info helps
- Security
- By Eduard Kovacs
- February 5th, 2013
Experts Explain the Risks Posed by the Lucky 13 Attack
Venafi and GlobalSign representatives share some insight on the matter
- Security Fixes and Improvements
- By Eduard Kovacs
- February 5th, 2013
Lucky 13: Researchers Find Vulnerabilities in TLS and DTLS Protocols
Nadhem AlFardan and Kenny Paterson have published a detailed paper on the attack method
- Security Blog
- By Eduard Kovacs
- September 13th, 2012
Researchers Demonstrate CRIME Attack Against TLS Protocol [Video]
The experts who presented the BEAST attack return with a new discovery
- Security Fixes and Improvements
- By Eduard Kovacs
- September 23rd, 2011
Browser Vendors Prepare for SSL Attacks
The implementation of the newer protocols turns out to be difficult
- Security
- By Eduard Kovacs
- September 20th, 2011
SSL Encryption Turns Out to Be Highly Vulnerable
Account credentials can be decrypted in 10 minutes