Endpoint malware attacks decline as campaigns spread wider
In Q2 2023, 95% of malware now arrives over encrypted connections, endpoint malware volumes are decreasing despite campaigns growing more widespread, ransomware detections are …
The clock is ticking for businesses to prepare for mandated certificate automation
Many organizations are unprepared for sweeping industry changes that call for mandated certificate automation, according to GMO GlobalSign. There could be significant changes …
Unlocking internet’s secrets via monitoring, data collection, and analysis
In this Help Net Security interview, Ryan Woodley, CEO of Netcraft, discusses the importance of monitoring, collecting, and analyzing internet data to gain a profound …
Vulnerabilities in cryptographic libraries found through modern fuzzing
Recently patched vulnerabilities in MatrixSSL and wolfSSL, two open-source TLS/SSL implementations / libraries for embedded environments, have emphasized the great potential …
Evaluating the use of encryption across the world’s top one million sites
A new report from security researcher and TLS expert Scott Helme, evaluates the use of encryption across the world’s top one million sites over the last six months and reveals …
TLStorm 2.0: Critical bugs in widely-used Aruba, Avaya network switches
Armis researchers have discovered five critical vulnerabilities in the implementation of TLS communications in multiple models of network switches. Collectively dubbed TLStorm …
Widely used UPS devices can be hijacked and destroyed remotely
Three vulnerabilities in ubiquitous APC Smart-UPS (uninterruptible power supply) devices could allow remote attackers to use them as an attack vector, disable or completely …
Implementing effective ways to exchange sensitive information using encryption
Digital communication, whether it is by email, phone call, SMS or video, is part of every organization’s business process, and as such requires encryption to stay …
Key drivers for the shift to public DNS resolvers
The European Union Agency for Cybersecurity (ENISA) analyses the security pros and cons of using public DNS resolvers. A core part of the internet is the Domain Name System …
EV certificate usage declining: Is the internet becoming more secure?
Driven by the acceleration of digital transformation and cloud migration during the pandemic, the analysis of the world’s top 1 million sites over the last 18 months shows …
Surge in cyber attacks confirms the need for zero trust security
Zscaler announced the release of a report that tracked and analyzed over 20 billion threats blocked over HTTPS, a protocol originally designed for secure communication over …
OpenSSL 3.0: A new FIPS module, new algorithms, support for Linux Kernel TLS, and more
The OpenSSL Project has released OpenSSL 3.0, a major new stable version of the popular and widely used cryptography library. What is OpenSSL? OpenSSL contain an open-source …