Security News

WatchGuard Q3 cybersecurity report finds spike in network attacks and malware delivered over TLS
2020-12-09 05:01

Report finds that over half the malware attacks in Q3 could bypass signature-based malware protection. WatchGuard's latest Internet Security Report finds that cybercriminals shifted their focus to network attacks and sending malware over encrypted channels during the third quarter.

New Raccoon Attack Could Let Attackers Break SSL/TLS Encryption
2020-09-16 02:45

A group of researchers has detailed a new timing vulnerability in the Transport Layer Security protocol that could potentially allow an attacker to break the encryption and read sensitive communication under specific conditions. Dubbed "Raccoon Attack," the server-side attack exploits a side-channel in the cryptographic protocol to extract the shared secret key used for secure communications between two parties.

New Raccoon Attack Can Allow Decryption of TLS Connections
2020-09-10 08:49

Researchers from universities in Germany and Israel have disclosed the details of a new timing attack that could allow malicious actors to decrypt TLS-protected communications. Raccoon can allow a man-in-the-middle attacker to crack encrypted communications that could contain sensitive information.

Reduced lifespan of TLS certificates could cause increase in outages
2020-09-02 03:00

Beginning September 1st, all publicly trusted TLS certificates must have a lifespan of 398 days or less. Since many organizations lack the automation capabilities necessary to replace certificates with short lifespans at machine scale and speed, they are likely to see sharp increases in outages caused by unexpected certificate expirations.

Maximum Lifespan of SSL/TLS Certificates is 398 Days Starting Today
2020-09-01 09:51

Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device," Cisco said in an advisory posted over the weekend.

Maximum Lifespan of SSL/TLS Certificates is 398 Days Starting Today
2020-09-01 05:25

Starting today, the lifespan of new TLS certificates will be limited to 398 days, a little over a year, from the previous maximum certificate lifetime of 27 months. The lifespan of SSL/TLS certificates has shrunk significantly over the last decade.

Microsoft Enables TLS 1.3 by Default in Windows 10 Insider Preview
2020-08-21 14:11

Microsoft this week announced that the Transport Layer Security 1.3 protocol is now enabled by default in Windows 10 Insider Preview builds, and that it will be rolled out to all Windows 10 systems. With TLS 1.0 and TLS 1.1 considered insecure, exposing communications to a variety of attacks, including BEAST, CRIME and POODLE, tech companies such as Cloudflare, Google, Microsoft, Mozilla, and others have long been pushing for the retirement of older protocols and the broad adoption of TLS 1.3.

China now blocking ESNI-enabled TLS 1.3 connections, say Great-Firewall-watchers
2020-08-11 05:53

China is now blocking encrypted HTTPS traffic that uses TLS 1.3 with ESNI enabled, according to observers at the Great Firewall Report. While TLS hides the content of a user's communication, it cannot always hide the server they are communicating with because its handshake optionally contains a Server Name Indication field designed to explain where traffic is going.

Microsoft to Retire TLS 1.0/1.1 in Office 365 Starting October 15
2020-07-21 14:03

Decades old, these protocol versions are considered obsolete, especially since the newer, safer TLS 1.2 and TLS 1.3 have been available for years. In October 2018, Microsoft confirmed plans to remove support for the older protocols from its browsers, and also moved to deprecate TLS 1.0 and 1.1 for the Office 365 service.