This week we will start off with something that everyone using a web browser should be aware of, but it appears that is not the case. The vast majority of us have no idea what the padlock icon on our internet browser is – and it’s putting us at risk …
Weak cryptographic keys in the wild – UPDATED
This post was originally published on 15 March 2022 Researcher, Hanno Böck, has found very weak cryptographic keys in use that have been generated by SafeZone Crypto Libraries, once owned by Inside Secure and now owned by Rambus. These keys are so weak that consumer grade hardware running old algorithms. …
Continue reading “Weak cryptographic keys in the wild – UPDATED”
TLS certificates are what internet trust is built on
Russia has created it’s own TLS certificate organisation and has started issuing these security and trust certificates to Russian sites, who can no longer access issuing authorities outside of the country, because of sanctions. Moscow to issue TLS certificates to Russian websites • The Register
Samsung smartphones with leaky security
There is an academic paper from Tel Aviv University examining Samsung smartphones and how they implement the cryptographic security. They found that some models had a design flaw that allowed for the extraction of the secret keys. Trust Dies in Darkness: Shedding Light on Samsung’s TrustZone Keymaster Design (iacr.org) Here …
Check your Let’s Encrypt certificate
SSL/TLS certificates are an essential part of the security of communications across the internet. Read how important they are here: Is that website secure? – #BeCyberSmart – Smart Thinking Solutions Website security either some people just don’t get it or they cannot be bothered! – Smart Thinking Solutions Website security …