Security professional Nikolaos Rangos, who is better known by his online handle Kingcope, has flooded the Full Disclosure mailing list over the weekend with information and exploits for a number of bugs in MySQL and SSH servers.
Finding, managing and analyzing SSL and other digital certificates can be time-consuming, complex and expensive.
A group of researchers from two German universities claim that eight percent of the 13,500 popular, free-of-charge, legitimate Android Android apps they downloaded from Google Play and tested have poorly implemented SSL/TLS protocols that can allow attackers to collect information that the apps send and receive.
From the security researchers who created and demonstrated the BEAST (Browser Exploit Against SSL/TLS) tool for breaking SSL/TLS encryption comes another attack that exploits a flaw in a feature in all versions of TLS.
Ivan Ristic, Director of Engineering at Qualys, talks about SSL Pulse - a continuous and global dashboard for monitoring the quality of SSL support across the top one million web sites.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.