Threat Post

Billions of Malicious Bot Attacks Take to Cipher-Stunting to Hide

Attackers have been tampering with TLS signatures at a scale never before seen using a technique called cipher-stunting. When it comes to cyberattacks, adversaries are focusing not just on advanced ...
PC World

Google speeds up encrypted Web communications in Chrome on Android

Google has added support for a new TLS cipher suite in its Chrome browser for Android that the company claims will provide better security and performance for encrypted communications on mobile ...
Bleeping Computer

Attackers Evade Detection By Randomizing TLS Handshake Ciphers

Cybercriminals are using a new method to evade detection to make sure that the traffic generated by their malicious campaigns is not being detected, a technique based on SSL/TLS signature ...
PC World

Microsoft fixes critical crypto flaw, strenghtens encryption for older systems

Microsoft fixed a critical vulnerability Tuesday in the Windows cryptographic library that could expose Windows servers to remote code execution attacks. The update also adds support for stronger and ...
Bleeping Computer

NSA shares guidance, tools to mitigate weak encryption protocols

The National Security Agency (NSA) has shared guidance on how to detect and replace outdated Transport Layer Security (TLS) protocol versions with up to date and secure variants. The US intelligence ...

DNS Assistant Launches as the First Self-Serve DNS Posture Management (DNSPM) Platform for SMBs and Mid-Market Teams

New SaaS platform delivers enterprise-grade DNS monitoring, TLS security auditing, email authentication health checks, ...
Threat Post

SMTP STARTTLS Deployments Better than Expected, Facebook Says

Facebook dug into the prevalence of SMTP STARTTLS deployments for email encryption and found that 58 percent of messages are sent encrypted and certificate validation happened without a hitch. As more ...
Infosecurity-magazine.com

Google Swaps Out Crypto Ciphers in OpenSSL

Given recent attacks against older, commonly-used encryption modes RC4 and CBC, the Google team began implementing new algorithms – ChaCha 20 for symmetric encryption and Poly1305 for authentication – ...