COMPANY NEWS: Qualys, a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today announced it is opening up its award-winning risk management platform to AppSec teams to bring their own detections to assess, prioritise and remediate the risk associated with first-party software and its embedded open-source components.
GUEST OPINION: While repercussions from the recent hacker attacks on Australia's Optus and Medibank are still resounding as media writers estimate ever higher damage costs, attacks on supply chain targets are flying under the radar.
The OpenSSL Project has released fixes for two vulnerabilities in the open-source cryptographic library, with the severity of both rated "high". The accompanying documentation has justified the advice of British security expert Kevin Beaumont not to get carried away by hype over the expected announcement, as iTWire reported.
British security researcher Kevin Beaumont has played down the hype over a recent announcement about a critical flaw in the open-source cryptographic library OpenSSL from Red Hat Linux. The advisory is due on 1 November.
The OpenSSL project, an open-source cryptographic library, has released a fix for a serious vulnerability present in versions 1.0.2, 1.1.1 and 3.0.
The open-source OpenSSL project has released an updated version of its software, 1.1.1k, to fix two vulnerabilities, the severity of both of which has been described as "high".
The OpenSSL project is seeking to go ahead with a change of licence to the Apache Licence Version 2.0 but the way it is doing so appears to have riled up some contributors.
The OpenSSL project has released a patch for a bug in the software that it has classified as being of "high severity".
A 2014 vulnerability in OpenSSL is yet to be patched in about 200,000 Web-facing devices, according to figures from the Shodan search engine.
The worst thing about a distributed denial of service attack is not the attack itself. Rather, it is the slew of bottom-feeders who appear on the horizon after the deed and try to profit from the misery of others.
Apple has released multiple security updates for its Mac system software, along with a new version of iTunes.
Human error has been identified as the key vulnerability of cyber security and a major threat to data privacy, according to the security chief of one global security firm.
Heartbleed is potentially one of the biggest threats to the Internet we've seen - a software bug that may compromise secure communications over the Internet via a vulnerability in the OpenSSL protocol. But what is it? And what should you be doing to protect yourself?
A potentially devastating flaw in OpenSSL, which is used to protect and secure millions of websites, has been uncovered by security researchers.
We'd have expected that after the Debian OpenSSL bug, everyone would have scrambled to check other implementations. Unfortunately not, a near-identical bug in Ruby has just been fixed.
Apple has released the Mac OS X 10.6.5 update, but there's no mention of AirPrint support. There's also a security update for Mac OS X 10.5.8.
The problem with corporate networks is they not only stop the bad guys coming in but also your users who want to work remotely, whether at home, at a client site or on the road. Here is where a VPN product comes in, and the simplest to deploy on Windows is a Linux virtual appliance called OpenVPN.