BLOG ARCHIVE

Fixing the “Heartbleed” OpenSSL Bug: A Tutorial for Sys Admins

So what exactly is the bug anyway? Here’s a very quick rundown: A potentially critical problem has surfaced in the widely used OpenSSL cryptographic library. It is nicknamed “Heartbleed” because the vulnerability exists in the “heartbeat extension” (RFC6520) to the Transport Layer Security (TLS)  and it is a memory leak (“bleed”) issue.  User passwords and… Read More

4 & 5 Year SSL Certificates Being Discontinued in 2015

On March 1st, 2015, The SSL Store™ will discontinue offering SSL certificates with validity periods of 4 and 5 years. This is in accordance with new guidelines set forth by the Certificate Authority/Browser (CA/B) Forum, the governing body of the SSL industry. This update will affect all SSL certificates in… Read More

Microsoft Releases Patch For Dangerous SSL Vulnerability

Perhaps the most commonly known vulnerability of the year was the Heartbleed bug which exploited SSL’s in browsers everywhere. Microsoft may have a similar issue on their hands and has released a patch through Windows Update. This update is extremely critical for anyone using Windows and should be updated as… Read More

How Do I Know If I Am On a Secure Site?

In this day and age internet security is extremely important to users. Because there are many ways for your information to be stolen, secure websites are the only way to safely submit information online. A secure website facilitates a safe connection between a website and the web browser in order to protect… Read More

What is SHA-2 and how does it affect me?

First, let’s understand what SHA-1 does. Both SHA-1 and its successor, SHA-2, are specific types of signing algorithms. Signing algorithms are used as part of the identity validation role that SSL certificates perform. They are mathematical functions (referred to as a “hash”) which, when performed, should calculate a persistent and… Read More

Transitioning from SHA-1 to SHA-2

The transition from SHA-1 to SHA-2 (Secure Hash Algorithm) is coming soon. On November 7th, 2014, Google Chrome will stop displaying the security indicators such as the green padlock and/or green address bar for any certificates using the now outdated SHA-1 algorithm. Luckily, there is a FREE and easy way… Read More

The Heartbleed Bug: What It Means To You?

Chances are, you’ve already heard about the recent discovery of what’s being called the “Heartbleed” bug in OpenSSL.  Basically, this is a vulnerability that existed in OpenSSL for around 2+ years.  The vulnerability was basically a gap where encrypted information could potentially be leaked out to hackers.  It is important… Read More

[Critical Secuirty Alert] CVE-2014-0160 – OpenSSL private key bug

Today there was news regarding an OpenSSL critical security advisory put out (CVE-2014-0160) that affects OpenSSL 1.0.1  This security bug allows a hacker to listen to your SSL encrypted session, capture the private key, stores it, and allows them time to decrypt the session and read it in plain text…. Read More

Contact to get a head start

Email Us Call » 858.368.4545

  • Designed by RedOrum