Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC Diaries by Keyword


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
DateAuthorTitle
2015-05-20Brad DuncanLogjam - vulnerabilities in Diffie-Hellman key exchange affect browsers and servers using TLS
2015-02-11Johannes UllrichDid PCI Just Kill E-Commerce By Saying SSL is Not Sufficient For Payment Info ? (spoiler: TLS!=SSL)
2014-08-11Bojan ZdrnjaVerifying preferred SSL/TLS ciphers with Nmap
2014-06-12Johannes UllrichMetasploit now includes module to exploit CVE-2014-0195 (OpenSSL DTLS Fragment Vuln.)
2014-03-04Daniel WesemannTriple Handshake Cookie Cutter
2011-09-22Rob VandenBrinkTLS 1.2 - Look before you Leap !
2011-09-20Kevin ListonSSL/TLS Vulnerability Details to be Released Friday
2011-07-10Raul SilesSecurity Testing SSL/TLS (HTTPS) Implementations
2010-07-23Mark HofmanA bit old, however CISCO has updated the November 2009 TLS renegotiation vulnerability with additional vulnerable products and patch information. More details here http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml
2010-04-25Raul SilesManual Verification of SSL/TLS Certificate Trust Chains using Openssl
2010-02-10Marcus SachsVulnerability in TLS/SSL Could Allow Spoofing
2009-11-13Adrien de BeaupreTLS & SSLv3 renegotiation vulnerability explained
2009-11-06Andre LudwigNew version of OpenSSL released - OpenSSL 0.9.8l
2009-11-05Swa FrantzenTLS Man-in-the-middle on renegotiation vulnerability made public
2009-10-16Adrien de BeaupreCyber Security Awareness Month - Day 16 - Port 1521 - Oracle TNS Listener
2009-05-09Patrick NolanUnusable, Unreadable, or Indecipherable? No Breach reporting required