Tag Archives: Encryption

Insecure Updates in Joomla Earlier Than 3.6

Uz | Oktobar 9, 2017

In early April I reported safety issues with the replace course of to the safety contact of Joomla. Whereas the problem has been fastened in Joomla 3.6, the communication course of was removed from ideal. The subject itself is fairly easy: Up till lately Joomla fetched details about its updates over unencrypted and unauthenticated HTTP… Detaljnije »

Superfish 2.0: Harmful Certificates on Dell Laptops Breaks Encrypted HTTPS Connections

Uz | Oktobar 5, 2017

tl;dr Dell laptops come preinstalled with a root certificates and a corresponding personal key. That fully compromises the safety of encrypted HTTPS connections. I've supplied an online check, affected customers ought to delete the certificate. It appears that Dell hasn't discovered something from the Superfish-scandal earlier this yr: Laptops from the corporate include a preinstalled… Detaljnije »

The Drawback with OCSP Stapling And Should Staple And Why Certificates Revocation Continues to Be Broken

Uz | Oktobar 5, 2017

Today the OCSP servers from Lets Encrypt have been offline for a while. This has precipitated way more hassle than it ought to have, as a outcome of in principle we've got all of the applied sciences out there to deal with such an incident. Nonetheless resulting from failures in how they're carried out they… Detaljnije »

Pwncloud Dangerous Crypto Within the Owncloud Encryption Module

Uz | Oktobar 5, 2017

The Owncloud net utility has an encryption module. I first turned conscious of it when a press launch was printed promoting this encryption module containing this: Imagine you're an IT group utilizing business normal AES 256 encryption keys. Shall we say that a vulnerability is discovered within the algorithm, and also you now want to… Detaljnije »

Are You Ready For a Catastrophic Information Loss?

Uz | August 29, 2017

If you walked into the workplace this morning to search out that your buyer data had been compromised, or a disgruntled worker had wiped a database clear, would you be ready? Have you ever set preventative measures in place to safeguard you towards whole loss? Do you have got safety features in place that can… Detaljnije »