TLS News, Articles and Updates

TLS exploit capitalises on 19-year-old vulnerability; vendors issue patch

Researchers recently discovered that a nearly two-decade-old vulnerability in TLS stacks was still exploitable due to insufficient protective counter-measures some used by highly popular websites.

New Ursnif variants silently targets banks and employ redirection attacks

New Ursnif variants being tested in the wild are using redirection attacks to target Australian banks and malicious TLS callback techniques to achieve process injection.

SSL encrypted malware doubles this year, phishing over SSL/TLS up 400%

Increasingly sophisticated malware strains are using SSL to encrypt their activity with malicious SSL-encrypted content more than doubling in the last six months according to a study from Zscaler ThreatLabZ.

Researchers spot malware in encrypted traffic

Cisco researchers have managed to spot malware in encrypted traffic, making a new development in the fight against malware.

Study claims economic globalisation brings on cyber-risk

Businesses have learned to embrace economic globalisation and have expanded operations around the world. A new report from BitSight studies how entering new countries can bring on financial, operational and legal risks, including cyber-risks, to an organisation.

WhiteHat reports The FREAKS are out

Whitehat's top 10 web hacking techniques of 2015 have been released and the freaks have topped the list.

Drown attack could break TLS for third of websites

A new vulnerability could kill a certain kind of encryption for plenty of websites. An OpenSSL update has been rushed out to fix major flaw.

Encryption increasingly used to hide attacks, says new report

Dell's new threat report adds further evidence to support the observation that attackers are increasingly hiding activity within HTTPS.

Cisco says chat client vulnerable to man-in-the-middle attack

Californian tech giant Cisco has released an advisory statement explaining that its chat client Jabber is currently vulnerable to a man-in-the-middle attack.