+Vote!
The Edge of I-Hacked (Free subscription) | yesterday
... a critical security advisory has been released: a Debian packager modified the source code of OpenSSL back in 2006 so as to remove the seeding of OpenSSL random number generator, which in turns makes cryptographic key material generated on a Debian system guessable. The solution? Upgrade OpenSSL and re-generate all your SSH and SSL keys. This problem not only affects Debian, but also all its derivatives,...
+Vote!
Security Bytes (Free subscription) | yesterday
If you're an SSH and Linux user, this is not a good week for you. Not only did Debian announce that a flaw in its OpenSSL implementation allows attackers to easily guess cryptographic keys, but now HD Moore has posted a list of SSH keys that he was able to brute-force by reverse engineering the list of blacklisted keyspace that Debian published. Oh, and there also is a large spike in the volume of...
+Vote!
Softpedia - Latest Mac software (Free subscription) | yesterday
check_ssl_cert - Nagios plugin to check the CA and validity of an X.509 certificate on HTTPS server
+Vote!
Fergie's Tech Blog (Free subscription) | 13 hours ago
... number generator used to produce a variety of digital keys, including SSH (Secure Shell) keys and SSL (Secure Socket Layer) certificates. The latter are widely used to secure traffic between users and secure sites on the Internet. According to Moore, the bug makes it relatively easy to "guess" keys. In a blog post yesterday, Moore claimed he was able to generate 1024- and 2048-bit keys in about...
+Vote!
Bosanova.net (Free subscription) | yesterday
SSL 5250 Emulation Available on BOSaNOVA Thin Clients
+Vote!
Electronics Infoline (Free subscription) | yesterday
It was announced yesterday that sometime back in September 2006 a line of code was removed from the Debian distributed OpenSSL package. That one line of code was responsible for causing an uninitialized data warning in Valgrind.
+Vote!
Ars Technica (Free subscription) | 05/14/2008
Apple yesterday updated its PGP keys, a process it does every two years to prevent the keys from being cracked. Just another step that Apple takes to keep Mac OS X secure. Read More...
+Vote!
Market Wire (Free subscription) | 05/14/2008
MOUNTAIN VIEW, CA (MARKET WIRE) VeriSign, Inc. (NASDAQ: VRSN), the trusted provider of Internet infrastructure services for the networked world, today announced that the company has deployed one million active Secure Sockets Layer (SSL) Certificates, which already provide security for more than 93 percent of the Fortune 500 and the world's 40 largest banks.
+Vote!
Computer World (Free subscription) | 10 hours ago
We take a look at the functionality and effectiveness of the IAG paired with the Celestix WSA4000 SSL VPN Appliance.
+Vote!
[SecurityRatty] Lattest Articles (Free subscription) | 11 hours ago
We take a look at the functionality and effectiveness of the IAG paired with the Celestix WSA4000 SSL VPN...
+Vote!
Press Booth (Free subscription) | 15 hours ago
Web's three leading SSL Certificate brands extend reach to deliver secure Internet experience and build consumer trust in online transactions
+Vote!
Internet News (Free subscription) | 17 hours ago
Flaw in an SSL package has led to an Internet security storm surge.
+Vote!
Security Fix (Free subscription) | yesterday
Online merchants who have used a Debian-based operating system to generate secure sockets layer (SSL) certificates for encrypting customer communications should check to make sure the private key needed to decrypt those transactions isn't already posted on the Web for all to see. Normally, even if an attacker is able to intercept https:// traffic between a commercial Web site and a customer, the bad...
+Vote!
Latest Secunia Security Advisories (Free subscription) | yesterday
A vulnerability has been reported in Cisco Catalyst Content Switching Module (CSM) and Cisco Catalyst Content Switching Module with SSL (CSM-S), which can be exploited by malicious people to cause a DoS (Denial of Service). Be sure to check if your system is missing security updates or have insecure applications installed: http://secunia.com/software_inspector/ Feature Overview - The Secunia Software...
+Vote!
Techlog (Free subscription) | yesterday
Description of the Data Protection Manager 2007 hotfix rollup 3. Issues Resolved: - Recovery of SSL Sites does not work - Consistency Check on compressed volume results in full Initial Replication - Deleting old Recovery Points is not freeing space on Recovery Point Volume - Consistency check does not complete in reasonable time - User intent for Max Duration of Consistency Check job is not honored...
