Diaries by Keyword - Internet Security

Date	Author	Title
2018-01-22	Didier Stevens	HTTPS on every port?
2017-05-30	Johannes Ullrich	FreeRadius Authentication Bypass
2017-03-08	Richard Porter	What is really being proxied?
2017-03-01	Bojan Zdrnja	SSL/TLS on port 389. Say what?
2016-07-05	Johannes Ullrich	Apache Update: TLS Certificate Authentication Bypass with HTTP/2 (CVE-2016-4979)
2016-01-08	Mark Hofman	SLOTH, attack on TLS using MD5
2015-05-20	Brad Duncan	Logjam - vulnerabilities in Diffie-Hellman key exchange affect browsers and servers using TLS
2015-02-11	Johannes Ullrich	Did PCI Just Kill E-Commerce By Saying SSL is Not Sufficient For Payment Info ? (spoiler: TLS!=SSL)
2014-08-11	Bojan Zdrnja	Verifying preferred SSL/TLS ciphers with Nmap
2014-06-12	Johannes Ullrich	Metasploit now includes module to exploit CVE-2014-0195 (OpenSSL DTLS Fragment Vuln.)
2014-03-04	Daniel Wesemann	Triple Handshake Cookie Cutter
2011-09-22	Rob VandenBrink	TLS 1.2 - Look before you Leap !
2011-09-20	Kevin Liston	SSL/TLS Vulnerability Details to be Released Friday
2011-07-10	Raul Siles	Security Testing SSL/TLS (HTTPS) Implementations
2010-07-23	Mark Hofman	A bit old, however CISCO has updated the November 2009 TLS renegotiation vulnerability with additional vulnerable products and patch information. More details here http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml
2010-04-25	Raul Siles	Manual Verification of SSL/TLS Certificate Trust Chains using Openssl
2010-02-10	Marcus Sachs	Vulnerability in TLS/SSL Could Allow Spoofing
2009-11-13	Adrien de Beaupre	TLS & SSLv3 renegotiation vulnerability explained
2009-11-06	Andre Ludwig	New version of OpenSSL released - OpenSSL 0.9.8l
2009-11-05	Swa Frantzen	TLS Man-in-the-middle on renegotiation vulnerability made public
2009-10-16	Adrien de Beaupre	Cyber Security Awareness Month - Day 16 - Port 1521 - Oracle TNS Listener
2009-05-09	Patrick Nolan	Unusable, Unreadable, or Indecipherable? No Breach reporting required