Science Daily

Critical vulnerabilities in TLS implementation for Java

In January and April 2014, Oracle has released critical Java software security updates. They resolve vulnerabilities that affected the "Java Secure Socket Extension" (JSSE), a software library ...
InfoWorld

OpenJDK proposals would bolster Java integrity, encryption

One proposal would restrict Java APIs to maintain the strong encapsulation that assures the integrity of code and data, while a second would introduce a Key Encapsulation Mechanism API. Code and data ...
ZDNet

Let's Encrypt issues one-billionth web security certificate

Without these TLS certificates, it's trivial to steal your login and password over Wi-Fi. The only way to have reliable security is for every website to use encrypted connections. One reason that hadn ...
ZDNet

It's 2018, and network middleware still can't handle TLS without breaking encryption

An academic study published last month shows that despite years worth of research into the woeful state of network traffic inspection equipment, vendors are still having issues in shipping appliances ...
Dark Reading

Microsoft, Google Take on Obsolete TLS Protocols

Microsoft plans to disable older versions of the Transport Layer Security (TLS) protocol, the ubiquitous communications encryption used to protect information sent over networks and the Internet.
HotHardware

Security Researchers Discover New Bleichenbacher TLS 1.3 Encryption Threat Vector

Is your data secure? Researchers recently discovered a new variation of the Bleichenbacher oracle attack that could threaten TLS 1.3 encryption. Seven researchers discovered that OpenSSL, Amazon s2n, ...
Network World

What do I do if there is no TLS handshake?

Part 6 of a six-part article: Just because you checked a few boxes on your Microsoft Exchange Server does not mean that there is secure TLS encryption between your domain and another SMTP server that ...