Threat Post

Email Bug Allows Message Snooping, Credential Theft

A year-old proof-of-concept attack that allows an attacker to bypass TLS email protections to snoop on messages has been patched. Researchers warn hackers can snoop on email messages by exploiting a ...
Ars Technica

“Lucky Thirteen” attack snarfs cookies protected by SSL encryption

Software developers are racing to patch a recently discovered vulnerability that allows attackers to recover the plaintext of authentication cookies and other encrypted data as they travel over the ...
MCPmag

Empire of the Air: WEP and EAP

TLS and 802.1x EAP protects the initial wireless authentication. The next vulnerable portion of the transaction, the WEP key exchange, is protected using TLS. The authentication phase of a standard ...
Network World

What do I do if there is no TLS handshake?

Part 6 of a six-part article: Just because you checked a few boxes on your Microsoft Exchange Server does not mean that there is secure TLS encryption between your domain and another SMTP server that ...
Security Boulevard

SSH vs SSL/TLS: Definitions & Differences of Communication Protocols

What is SSL/TLS? SSL and TLS are protocols used on the transport layer, which is used to provide a secure connection between two nodes in a computer network. The first widely used protocol that was ...
Search Engine Land

Google Sending Messages To Webmasters For SSL/TLS Certificate Not Matching

Google is now sending some webmasters notifications when their SSL/TLS certificates do not match their domain names. The new notification was first spotted by @MediaWyse. It had the subject, “SSL/TLS ...