For many merchants, the quarterly ASV scan brings back a range of findings relating to weak SSL ciphers and/or implementation of SSLv2 that results in a failing score. Often this can be a time ...

been looking around for easy ways to template cipher standards across all web servers. seem the GPO, cipher suites order settings seems to be the way, so if i populate it with all the weak ciphers ...

The Internet is a dangerous place. It’s simply too easy to snoop, spoof, and steal unprotected information as it travels over the wires. Last month, I wrote the final article in a series on X.509 ...

If you’ve followed the steps we laid out in our initial feature, you’ve got a safe Nginx server all set up and working. It’s serving your static pages without any issue. We don’t yet have a database, ...

Here’s how to disable outdated TLS and SSL versions in Apache (and why you should) Your email has been sent Older TLS and SSL protocols can pose a security risk and will no longer be supported as of ...

The solution to this problem is trivial and is left as an exercise for the reader. -- Standard textbook cookie How to solve particular security problems for an SSL-aware webserver is not always ...

A newly created working group within the Internet Engineering Task Force (IETF) has set out to develop best practices for deploying SSL encryption for Internet communications. The IETF describes ...

Cybercriminals are using a new method to evade detection to make sure that the traffic generated by their malicious campaigns is not being detected, a technique based on SSL/TLS signature ...

Another month, another database security disaster. It seems database security breaches are becoming more common as bad actors realize that databases contain lots of, well, data. How does this keep ...