OpenVPN patched four vulnerabilities privately disclosed by Dutch researcher Guido Vranken, including a critical issue that could lead to remote code execution.
Browsing Tag: Encryption
VMware fixed two critical vulnerabilities in its vSphere Data Protection solution this week that could have allowed an attacker to execute commands on the appliance, among other outcomes.
Rapid7 warned this week that its Nexpose appliances were shipped with a SSH configuration that could have let obsolete algorithms be used for key exchange.
A breach at OneLogin appears to have compromised customer data, including the ability to decrypt encrypted data.
A recently released extension for Chrome, developed by the public key crypto database Keybase, brought end-to-end encrypted messaging to several apps this week.
The latest Wikileaks dump of Apple hacking tools, the LastPass vulnerabilities, and a new Android security report are discussed.
Bruce Schneier and Orin Kerr have written a paper that explains the technological and legal issues associated with six encryption workarounds available to law enforcement.
Security tools that proxy and inspect HTTPS traffic create a blindspot for network administrators trying to determine whether communication between clients and servers is secure.
WhatsApp and Telegram patched vulnerabilities in the last week that could have let an attacker take over a user’s account.
JSON libraries using the JWE specification to create, sign and encrypt access tokens have been patched against an attack that allows for the recovery of a private key.