This week, a group of university researchers disclosed a new vulnerability affecting the Diffie-Hellman key exchange. The Diffie-Hellman (DH) key exchange is a cryptographic method for two systems to establish a shared secret over a public communication channel, which they later use to encrypt their communications. Many encryption protocols, including HTTPS, SMTPS, IPSec VPN, … [Read more...]
Microsoft March Patch Madness – Daily Security Byte EP.41
Today's Microsoft Patch Day is huge, with 14 bulletins fixing tens of vulnerabilities (many Critical). If you want to protect your encrypted web connections, and plug a five year old, zero day hole, you should update. See the video for details, or check out our blog post from earlier. (Episode Runtime: 2:28) Direct YouTube … [Read more...]
Apple Patches FREAK – Daily Security Byte EP.40
Apple released four security updates on Monday, fixing flaws in OS X, iOS, Apple TV, and Xcode. Learn about them in today's short video. (Episode Runtime: 1:04) Direct YouTube Link: https://www.youtube.com/watch?v=ak-ZRFKrjwo EPISODE REFERENCES: Apple's Security Update Page - Apple OS X Security Update 2015-002 - Apple iOS 8.2 security update - Apple Apple TV 7.1 … [Read more...]
Should WatchGuard Customer's FREAK Out About SSL?
Last Tuesday, my Daily Security Byte video covered a new vulnerability that affected certain implementations of SSL; specifically ones that still use RSA's export cipher suite (RSA_EXPORT). Back in the day (1992 - 2000), the United States of America restricted the export of strong encryption to certain countries for political reasons. That meant encryption products, such as … [Read more...]
FREAK affects Windows – Daily Security Byte EP.39
I warned you about the FREAK SSL vulnerability on Tuesday. It turns out it affects Windows too. Learn how to mitigate the issue, and get an update on how WatchGuard's products are affected in the video below. (Episode Runtime: 1:56) Direct YouTube Link: https://www.youtube.com/watch?v=JZNdJfMZnik EPISODE REFERENCES: FREAK affects Windows too - Microsoft Advisory — Corey … [Read more...]
