This Month in SSL: January 2015

Here is our latest news roundup of articles about network and SSL security. Click here to see the whole series. SSL & Encryption News Google Chrome 40 was released on January 23, which means we’re only one version away from the deprecation of SHA-1 which is scheduled for version 41. Mozilla Firefox announced that they will soon not trust 1024-bit ...
Digital Security News

Here is our latest news roundup of articles about network and SSL security. Click here to see the whole series.

SSL & Encryption News

Data Security

Vulnerabilities

  • Four updates released by OpenSSL fix multiple moderate to low risk vulnerabilities found in OpenSSL.
  • Microsoft announced that they will be disabling SSL 3.0 in Azure storage on February 20, 2015.
  • Nineteen major vulnerabilities found in Java are addressed with Oracle’s new updates, the updates also disable SSL 3.0 by default.
  • Qualys discovered a major vulnerability in Linux systems known as the GHOST attack. GHOST allows an attacker access to a system without needing system credentials.
  • Adobe released patches for two zero-day vulnerabilities found in the Adobe Flash Player.

Malware

Data Breaches

Source: blog.digicert.com