IT News For Australia Business

Addressing PCI SSL weak cipher requirements

For many merchants, the quarterly ASV scan brings back a range of findings relating to weak SSL ciphers and/or implementation of SSLv2 that results in a failing score. Often this can be a time ...
Ars Technica

SSL ciphers

been looking around for easy ways to template cipher standards across all web servers. seem the GPO, cipher suites order settings seems to be the way, so if i populate it with all the weak ciphers ...
Diario Oficial

SSL/TLS Strong Encryption: How-To

The solution to this problem is trivial and is left as an exercise for the reader. -- Standard textbook cookie How to solve particular security problems for an SSL-aware webserver is not always ...
Ars Technica

Web served, part 2: Securing things with SSL/TLS

If you’ve followed the steps we laid out in our initial feature, you’ve got a safe Nginx server all set up and working. It’s serving your static pages without any issue. We don’t yet have a database, ...
TechRepublic

Here’s how to disable outdated TLS and SSL versions in Apache (and why you should)

Here’s how to disable outdated TLS and SSL versions in Apache (and why you should) Your email has been sent Older TLS and SSL protocols can pose a security risk and will no longer be supported as of ...
InfoWorld

Build secure network applications with SSL and the JSSE API

The Internet is a dangerous place. It’s simply too easy to snoop, spoof, and steal unprotected information as it travels over the wires. Last month, I wrote the final article in a series on X.509 ...
Bleeping Computer

Attackers Evade Detection By Randomizing TLS Handshake Ciphers

Cybercriminals are using a new method to evade detection to make sure that the traffic generated by their malicious campaigns is not being detected, a technique based on SSL/TLS signature ...
PC World

Mass surveillance prompts work on SSL deployment guidelines by a Internet-friendly group

A newly created working group within the Internet Engineering Task Force (IETF) has set out to develop best practices for deploying SSL encryption for Internet communications. The IETF describes ...