Flaws found in OpenSSL encryption module

Friday, 30 November 2007, 11:57 AM EST

The Open Source Software Institute has released a patch and a workaround for problems found in the OpenSSL library of encryption algorithms.

The module gave federal users an open-source option for Secure Sockets Layer virtual private networks when it was certified to Federal Information Processing Standard (FIPS) 140-2 under the federal Cryptographic Module Validation Programs (CMVP). Agencies are required to use FIPS-certified cryptographic products to protect sensitive but unclassified data on non-national-security networks. The patches present a dilemma for federal users of the software.

At GCN.

[ Read more ]




Spotlight

Android Fake ID bug allows malware to impersonate trusted apps

Posted on 29 July 2014.  |  Bluebox Security researchers unearthed a critical Android vulnerability which can be used by malicious applications to impersonate specially recognized trusted apps - and get all the privileges they have - without the user being none the wiser.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //