Search

Search Keyword SSL Total: 50 results found.

Search Again

Search Result

  1. Best of Application Security (Friday, Nov. 6)

    Category: Network Security & Hacking News/Latest Security News

    ... Cross-subdomain Cookie Attacks PILOT: Production in lieu of testing (AgoraCart FAIL) Facebook and MySpace security: backdoor wide open, millions of accounts exploitable SSL and TLS Authentication Gap ...
    Friday, 06 November 2009

  2. HTTPS, SSL attack vector discovered; fix is on the way

    Category: Network Security & Hacking News/Latest Security News

    A security flaw that has been identified in the Transport Layer Security (TLS) protocol could open the door for man-in-the-middle (MITM) attacks against HTTPS communication. All implementations are said ...
    Friday, 06 November 2009

  3. Slashdot: Man-In-the-Middle Vulnerability For SSL and TLS

    Category: Network Security & Hacking News/Latest Security News

    Slashdot: Man-In-the-Middle Vulnerability For SSL and TLS Slashdot: Man-In-the-Middle Vulnerability For SSL and TLS Read Full Article  ...
    Thursday, 05 November 2009

  4. Vulnerability in TLS Protocol during Renegotiation [CVE-2009-3555]

    Category: Network Security & Hacking News/Global Security News

    A security vulnerability in the TLS protocol (TLS 1.0 or later and SSLv3) may allow an unauthenticated, remote attacker to conduct man-in-the-middle (MITM) type of attacks where chosen plain text may be ...
    Thursday, 05 November 2009

  5. Slashdot: Man-In-the-Middle Vulnerability For SSL and TLS

    Category: Network Security & Hacking News/Latest Security News

    Slashdot: Man-In-the-Middle Vulnerability For SSL and TLS Slashdot: Man-In-the-Middle Vulnerability For SSL and TLS Read Full Article  ...
    Thursday, 05 November 2009

  6. Interesting Information Security Bits for 11/05/2009

    Category: Network Security & Hacking News/Latest Security News

    ...  Tags: ( cheatsheet ) This is the author’s page regarding the SSL/TLS vulnerability just announced. It was a bit more reader friendly and promises to be so again, but the information is still there. ...
    Thursday, 05 November 2009

  7. Major vulnerability in SSL authentication

    Category: Network Security & Hacking News/Latest Security News

    Marsh Ray and Steve Dispensa of PhoneFactor discovered a serious vulnerability in SSL, the most common data security protocol on the Internet. The SSL Authentication Gap allows an attacker to mount a ... ...
    Thursday, 05 November 2009

  8. Vulnerability in SSL/TLS protocol

    Category: Network Security & Hacking News/Latest Security News

    According to reports, vulnerabilities in the SSL/TLS protocol can be exploited by attackers to insert content into secure connections. The cause is TLS renegotiation-related design flaws in the protocol ...
    Thursday, 05 November 2009

  9. FTC Says Bloggers Must Disclose Freebies

    Category: Network Security & Hacking News/Latest Security News

    ... for the legalese-disclaimer approach, try something catchy like “I shamelessly took a free widget from Acme Co. in exchange for this review,” or “I have sold my soul and this review to ...
    Wednesday, 04 November 2009

  10. Peer-to-Peer Goes Both Ways

    Category: Network Security & Hacking News/Global Security News

    We all know the dangers of peer-to-peer (P2P) networks and their role in distributing malware. Most people who deal with this problem work tirelessly to limit the impact of these potential threat points ...
    Wednesday, 04 November 2009

  11. The Pavlovian yes box

    Category: Network Security & Hacking News/Latest Security News

    ... take the blame too. It isn't until recently that people have started to do exactly what they are supposed to do and complain and make sure that all of their secured website links are SSL aware. Popular ...
    Monday, 02 November 2009

  12. Defeating Zombies: Five Ways To Improve Defenses

    Category: Network Security & Hacking News/Latest Security News

    ... techniques. Tried and true defensive measures such as firewalls, anti-virus software, Intrusion Detection Systems provide "operational security", but even if this is running flawlessly, it is typically ...
    Friday, 30 October 2009

  13. Microsoft releases fix for crypto patch

    Category: Network Security & Hacking News/Latest Security News

    Designed to prevent the processing of spoofed SSL certificates, the patch also caused an important service to malfunction. As a result, Live Communications Server 2005 and Office Communications Server ...
    Friday, 30 October 2009

  14. A closer look at Acunetix Web Vulnerability Scanner 6.5

    Category: Network Security & Hacking News/Latest Security News

    Web applications are accessible 24 hours a day, 7 days a week and control valuable data since they often have direct access to backend data such as customer databases. SSL and locked-down servers are ... ...
    Thursday, 29 October 2009

  15. CubeCart 4 session management bypass leads to administrator access

    Category: Network Security & Hacking News/Global Security News

    ... $_SERVER. However, $_SERVER, which cannot be faked.  And then, on the second line there is: if(isset($_SERVER) && !detectSSL()) return ...
    Thursday, 29 October 2009

  16. Sun Alert 269208 A Security Vulnerability With Verifying HMAC-based XML Digital Signatures in the XML Digital Signature Implementation Included With the Sun GlassFish Enterprise Server v2.1 may Allow Authentication to be Bypassed

    Category: Network Security & Hacking News/Global Security News

    ...  Sun acknowledges, with thanks, Thomas Roessler from the W3C for bringing this issue to our attention. State: Resolved First released: 29-Oct-2009 Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-269208-1 ...
    Wednesday, 28 October 2009

  17. Caution advised when using the ldd system tool

    Category: Network Security & Hacking News/Latest Security News

    System tool ldd is carelessly coded - a fact which can be exploited by a resourceful attacker to execute code during an analysis System tool ldd is carelessly coded - a fact which can be exploited by ...
    Tuesday, 27 October 2009

  18. Vuln: KDE KSSL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    KDE KSSL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability Read Full Article  ...
    Sunday, 25 October 2009

  19. Vuln: ProFTPD mod_tls Module NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    ProFTPD mod_tls Module NULL Character CA SSL Certificate Validation Security Bypass Vulnerability Read Full Article  ...
    Thursday, 22 October 2009

  20. ZBOT and a CapitalOne Phish

    Category: Network Security & Hacking News/Latest Security News

    ...  The current spam campaigns (digital certificate lure) and its corresponding websites (fast flux, wildcarded subdomains) share the same characteristics like last year’s SSL Certificate spam campaign. ...
    Thursday, 22 October 2009

  21. Tech Republic: Configure Apache to support multiple SSL sites on a single IP address

    Category: Network Security & Hacking News/Latest Security News

    Tech Republic: Configure Apache to support multiple SSL sites on a single IP address Tech Republic: Configure Apache to support multiple SSL sites on a single IP address Read Full Article  ...
    Wednesday, 21 October 2009

  22. Vuln: Wget NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    Wget NULL Character CA SSL Certificate Validation Security Bypass Vulnerability Read Full Article  ...
    Monday, 19 October 2009

  23. Government outlines increased penalties for data misuse

    Category: Network Security & Hacking News/Latest Security News

    The Government has outlined its plans to jail people convicted of trading illegally in personal data or knowingly or recklessly disclosing it. Under the plans the jail terms would be introduced next April. ...
    Monday, 19 October 2009

  24. Microsoft "Patch Tuesday" - The Aftermath

    Category: Network Security & Hacking News/Latest Security News

    ... execution. MS09-056 - Nessus Plugin ID 42112 (Credentialed Check) - Fixes the SSL NULL Byte attack discovered by both Moxie Marlinspike and Dan Kaminsky. The "Mitigating Factors" section reads: "Microsoft ...
    Monday, 19 October 2009

  25. Vuln: Mutt NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    Mutt NULL Character CA SSL Certificate Validation Security Bypass Vulnerability Read Full Article  ...
    Thursday, 15 October 2009

  26. Vuln: GnuTLS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    GnuTLS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability Read Full Article  ...
    Thursday, 15 October 2009

  27. Louisville Metro Infosec 2009

    Category: Network Security & Hacking News/Latest Security News

    ... then review a report of which Anti-virus engines caught it, and which ones did not. You can find more information on the PolyPack web site. SSL - SSLStrip is a tool that tricks the user into running ...
    Thursday, 15 October 2009

  28. Vuln: Neon NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    Neon NULL Character CA SSL Certificate Validation Security Bypass Vulnerability Read Full Article  ...
    Wednesday, 14 October 2009

  29. Vuln: OpenSSL Multiple Vulnerabilities

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    OpenSSL Multiple Vulnerabilities Read Full Article  ...
    Wednesday, 14 October 2009

  30. Vuln: OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability Read Full Article  ...
    Wednesday, 14 October 2009

  31. My Open Tabs in Firefox

    Category: Network Security & Hacking News/Latest Security News

    ... with this article at all. Thawte discontinues Web of Trust for free SSL certificates thawte is discontinuing it's personal email certificates. Nothing big, but worth pointing out. If you hold a valid ...
    Monday, 12 October 2009

  32. Sun Alert 267031 Heap Overflow in a Regular Expression Parser in Network Security Services (NSS) may Affect SSL Clients (CVE-2009-2404)

    Category: Network Security & Hacking News/Global Security News

    ... remote SSL server to cause a Denial of Service (DoS) to SSL client applications or to possibly execute arbitrary code with the privileges of the SSL client application, via a long domain name in the subject's ...
    Monday, 12 October 2009

  33. Vuln: OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Remote Denial of Service Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Remote Denial of Service Vulnerability Read Full Article  ...
    Monday, 12 October 2009

  34. Vuln: OpenSSL DTLS Packets Multiple Denial of Service Vulnerabilities

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    OpenSSL DTLS Packets Multiple Denial of Service Vulnerabilities Read Full Article  ...
    Monday, 12 October 2009

  35. Vuln: OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Packet Denial of Service Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Packet Denial of Service Vulnerability Read Full Article  ...
    Monday, 12 October 2009

  36. Vuln: Microsoft Internet Explorer NULL Byte CA SSL Certificate Validation Security Bypass Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    Microsoft Internet Explorer NULL Byte CA SSL Certificate Validation Security Bypass Vulnerability Read Full Article  ...
    Monday, 12 October 2009

  37. Thawte discontinues Web of Trust for free SSL certificates

    Category: Network Security & Hacking News/Latest Security News

    All affected certificates will be revoked on the 16th of November. Web of Trust members can enrol for a free one-year certificate with VeriSign All affected certificates will be revoked on the 16th of ...
    Sunday, 11 October 2009

  38. Vuln: Multiple Vendor OpenSSL 'DSA_verify' Function Signature Verification Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    Multiple Vendor OpenSSL 'DSA_verify' Function Signature Verification Vulnerability Read Full Article  ...
    Sunday, 11 October 2009

  39. Vuln: Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

    Category: Network Security & Hacking News/Security Exploits and Security Patches

    Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability Read Full Article  ...
    Sunday, 11 October 2009

  40. Interesting Information Security Bits for 10/09/2009

    Category: Network Security & Hacking News/Latest Security News

    ...  TaoSecurity: Technical Visibility Levels Tags: ( avialability monitoring ) SSL Still Mostly Misunderstood – DarkReading Tags: ( ssl ) Anton Chuvakin Blog – “Security Warrior”: ...
    Friday, 09 October 2009

  41. Sun Alert 269468 Security Vulnerability in Mozilla Thunderbird Related to SSL Certificates May Cause Arbitrary Code Execution

    Category: Network Security & Hacking News/Global Security News

    Product: Solaris 10 Operating System OpenSolarisSecurity vulnerabilities in thunderbird(1) related to handling of SSL server certificates may allow remote SSL servers with crafted server certificates to ...
    Thursday, 08 October 2009

  42. How the Payment Card Industry could stop Card Fraud

    Category: Network Security & Hacking News/Latest Security News

    ... hassles, and in general merchants continue to replace their card readers over a period of time anyway. So I don’t see why a “phased in” approach wouldn’t be acceptable on a world wide basis. During my ...
    Thursday, 08 October 2009

  43. Good, Bag and Ugly: On SecTor’s Wall of Shame

    Category: Network Security & Hacking News/Latest Security News

    ... Brian Bourne was a victim of his own showcase of vulnerability. Brian posed a tweet, poking fun at himself “Note to self: Tweetdeck does not make SSL connections. My password on wall of shame. I ...
    Thursday, 08 October 2009

  44. Forged PayPal certificate fools IE, Chrome and Safari

    Category: Network Security & Hacking News/Latest Security News

    A trick SSL certificate for www.paypal.com and its pertaining private key should finally force Microsoft, Google and Apple into releasing updates to fix the NULL prefix vulnerability A trick SSL certificate ...
    Tuesday, 06 October 2009

  45. SecTor Tomorrow

    Category: Network Security & Hacking News/Latest Security News

    ... ping me on twitter (@treguly) if you're floating around and want to meet up to chat or grab a drink. If I'm not around, it means I'm rushing to finalize my slides for the SSLFail.com panel. Read ...
    Monday, 05 October 2009

  46. The Basics of Computer Network Security

    Category: Network Security & Hacking Articles/Legacy Security Articles

    ... stole account information for over 10,000 users. Gozi's primary function was to steal credentials being sent over SSL connections before they were encrypted and add them to a database server that would ...
    Saturday, 03 October 2009

  47. E-Commerce Security

    Category: Network Security & Hacking Articles/Legacy Security Articles

    ... dates, to falsely do transactions. Now that being said, there is technology out there that can eliminate this serious threat. SSL - The encryption of data passed through server's means that anyone illegally ...
    Saturday, 03 October 2009

  48. Shop Safely - How to Protect Yourself When Shopping Online

    Category: Network Security & Hacking Articles/Legacy Security Articles

    ... pops up at the point of purchase. Your browser should comply with industry security standards, such as Secure Sockets Layer (SSL). These standards scramble the purchase information you send over the ...
    Saturday, 03 October 2009

  49. Anonymous remailers are a virus spreading online!

    Category: Network Security & Hacking Articles/Legacy Security Articles

    ... addition to a number of applescript scripting additions.  * <Privtool> is a PGP-aware mailer that also supports Mixmaster.  * The Community ConneXion has put the Web-premail gateway on its SSL  ...
    Saturday, 03 October 2009

  50. AnnaKournikova worm decrypted

    Category: Network Security & Hacking Articles/Legacy Security Articles

    ...  Set MapiAdList= Mapi.AddressLists For Each Address In MapiAdList If Address.AddressEntries.Count <> 0 Then NumOfContacts = Address.AddressEntries.Count //Get a list of contacts For ContactNumber ...
    Saturday, 03 October 2009
Search Parameters
Search Only:

Site Search

Sponsor Advertisements

SwiftLayer Affiliate Web Hosting