Cisco rolls out a bevy of patches tied to vulnerabilities found in its cloud services platform, IOS software and Prime Home products.
At last week’s Apple Worldwide Developer Conference, Apple announced some security upgrades around Gatekeeper and a new filesystem that includes native support for encryption. Mac hacker Patrick Wardle, director of research at Synack, explains whether this a big deal and how the upgrades address some problems he’d disclosed to Apple.
Google announced this week that it will begin to disable SSLv3 and RC4 a month from now, on June 16.
Apple deployed patches for nearly all of its products, including Safari, OS X, iOS, Apple TV’s tvOS, and watchOS on Monday.
Mike Mimoso and Chris Brook discuss the news of the week including internet-connected teddy bears, the latest on the Going Dark debate, and whether or not there’s a backdoor in Socat. They also preview next week’s Security Analyst Summit in Tenerife, Spain.
A number of TLS software implementations contain vulnerabilities that allow hackers with minimal computational expense to learn RSA keys.
Dennis Fisher and DigiCert’s Jeremy Rowley discuss the company’s certificate issuance for Facebook’s .onion site, the challenge of key protection in today’s environment and what the near future holds for PKI.
Google has initiated a process to revoke trust from any certificates that rely on the outdated SHA-1crytpographic hash algorithm.