Let's Encrypt has disabled TLS-SNI-01 validation after the discovery of an attack able to hijack certificates using the protocol. The certificate authority, which offers free SSL and TLS certificates ...

What is the ALPACA attack? The application layer protocol content confusion attack (ALPACA) was first disclosed in June and presented at Black Hat USA 2021. To understand ALPACA, it’s helpful to ...

The Certification Authority Browser Forum has voted to reduce Secure Sockets Layer/Transport Layer Security certificates to 47 days by March 2029, in a move that will radically alter existing security ...

A severe issue was addressed on Monday, an issue that under certain conditions could be used to expose the private keys for TLS certificates used by companies running their infrastructure on cloud ...

A new method of covert channel data exchange has been uncovered. It uses a well-known and widely implemented public key certificates standard (X.509), which is a hallmark of both TLS and SSL IP ...

Microsoft plans to disable older versions of the Transport Layer Security (TLS) protocol, the ubiquitous communications encryption used to protect information sent over networks and the Internet.

Every digital transaction—checkout, login, API call—runs on a hidden foundation of millions of machine identities. Transport Layer Security (TLS) certificates, just one type of machine identity, are ...

Researchers at Fidelis Cybersecurity have identified a new technique that attackers can potentially employ for covertly exchanging data using X.509 digital certificates. The method builds on previous ...

The Exim mail transfer agent (MTA) software is impacted by a critical severity vulnerability present in versions 4.80 up to and including 4.92.1. The bug allows local or unauthenticated remote ...