Credit to Author: Paul Ducklin| Date: Tue, 10 Jan 2023 17:59:26 +0000
It’s remotely triggerable, but attackers would already have pretty deep network access if they could “prime” your server for compromise.
Read more
Credit to Author: Paul Ducklin| Date: Fri, 06 Jan 2023 17:59:18 +0000
Stand down from blue alert, it seems… but why not plan your cryptographic agility anyway?
Read more
Credit to Author: Paul Ducklin| Date: Thu, 05 Jan 2023 17:52:39 +0000
Lots of big issues this week: breaches, encryption, supply chains and patching problems. Listen now! (Full transcript inside.)
Read more
Credit to Author: Paul Ducklin| Date: Wed, 04 Jan 2023 19:50:54 +0000
Lessons for us all: improve cryptography, fight cybercrime, own your supply chain… and don’t steal my data and then pretend you’re sorry.
Read more
Credit to Author: Paul Ducklin| Date: Wed, 04 Jan 2023 17:50:54 +0000
Lessons for us all: improve cryptography, fight cybercrime, own your supply chain… and don’t steal my data and then pretend you’re sorry.
Read more
Credit to Author: Paul Ducklin| Date: Thu, 29 Dec 2022 13:45:11 +0000
Cryptographic agility: the ability and the willingness to change quickly when needed.
Read more
Credit to Author: Paul Ducklin| Date: Wed, 30 Nov 2022 17:58:49 +0000
It’s not just the hashing, by the way. It’s the salting and the stretching, too!
Read more
Credit to Author: Paul Ducklin| Date: Thu, 03 Nov 2022 00:44:19 +0000
How to Hack! Finding OpenSSL library files and accurately identifying their version numbers…
Read more
Credit to Author: Paul Ducklin| Date: Tue, 01 Nov 2022 17:24:07 +0000
That bated-breath OpenSSL update is out! It’s no longer rated CRITICAL, but we advise you to patch ASAP anyway. Here’s why…
Read more
Credit to Author: Paul Ducklin| Date: Tue, 01 Nov 2022 14:09:10 +0000
As everyone waits for news of a bug in OpenSSL, here’s a reminder that other cryptographic code in your life may also need patching!
Read more