Science Daily

Critical vulnerabilities in TLS implementation for Java

In January and April 2014, Oracle has released critical Java software security updates. They resolve vulnerabilities that affected the "Java Secure Socket Extension" (JSSE), a software library ...
InfoWorld

OpenJDK proposals would bolster Java integrity, encryption

One proposal would restrict Java APIs to maintain the strong encapsulation that assures the integrity of code and data, while a second would introduce a Key Encapsulation Mechanism API. Code and data ...
ZDNet

Snooping on HTTPS is about to get harder: TLS 1.3 internet encryption wins approval

The Internet Engineering Task Force (IETF) has approved version 1.3 of the Transport Layer Security (TLS), the key protocol that enables HTTPS on the web. TLS 1.3 was approved by engineers at an IETF ...
HotHardware

Security Researchers Discover New Bleichenbacher TLS 1.3 Encryption Threat Vector

Is your data secure? Researchers recently discovered a new variation of the Bleichenbacher oracle attack that could threaten TLS 1.3 encryption. Seven researchers discovered that OpenSSL, Amazon s2n, ...
ZDNet

It's 2018, and network middleware still can't handle TLS without breaking encryption

An academic study published last month shows that despite years worth of research into the woeful state of network traffic inspection equipment, vendors are still having issues in shipping appliances ...
Computerworld

Big browsers to pull support plug for TLS 1.0 and 1.1 encryption protocols in early ’20

TLS is the successor to the better-known SSL (Secure Socket Layer) encryption protocol; both are used to secure data communications between browsers and the destination server. The makers of the four ...