CloudInsidr

Cyber security, infotech


Cloud Insidr 2024-05-01

OpenSSL 3.3 Final Release is now live!

The latest iteration of OpenSSL, version 3.3, has been officially rolled out, marking a significant milestone as the inaugural release under OpenSSL’s biannual time-based release strategy. The OpenSSL team extends its heartfelt gratitude to all contributors whose efforts have been instrumental in bringing OpenSSL 3.3 to fruition.

Key enhancements introduced in OpenSSL 3.3 include:

  • Provision of QUIC qlog diagnostic logging support
  • Facilitation of non-blocking polling for multiple QUIC connections or stream objects
  • Streamlined generation of end-of-stream frames for QUIC connections
  • Option to disable QUIC event processing during API calls
  • Customizable configuration for QUIC idle timeout durations
  • Enhanced capability to ascertain the size and utilization of a QUIC stream’s write buffer
  • Incorporation of RFC 9480 and RFC 9483 extensions to CMP
  • Flexibility to deactivate OpenSSL usage of atexit(3) during build time
  • Integration of SSL_SESSION APIs compatible with the year 2038
  • Automated derivation of Chinese Remainder Theorem (CRT) parameters upon request
  • Adaptability to accommodate unknown algorithm names in TLS signature algorithm and group configuration strings
  • Configuration option for TLS 1.3 servers to prioritize PSK-only key exchange during session resumption
  • Introduction of the EVP_DigestSqueeze() API, facilitating multiple squeezes with varied output sizes for SHAKE
  • Inclusion of exporters for CMake on Unix and Windows platforms, alongside the pkg-config exporter

For a comprehensive overview of all modifications between OpenSSL 3.2 and OpenSSL 3.3, please refer to the CHANGES.md file.

OpenSSL 3.3 marks the commencement of a standard release cycle, initiating a one-year Full Support phase. During this period, our team diligently addresses bugs and security concerns in accordance with our Stable Release Updates Policy. Following the conclusion of the Full Support phase, the Maintenance Support phase commences, lasting another year, with a primary focus on rectifying security issues while addressing other pertinent bugs at our discretion.

OpenSSL 3.3 Download Pages for Fedora Linux

Fedora Rawhide – 3.2.1-6.fc41

Fedora 40 – 3.2.1-2.fc40

Fedora 39 – 3.1.1-4.fc39

Fedora 38 – 3.0.9-2.fc38

Looking Ahead to OpenSSL 3.4

Looking ahead, the forthcoming release, OpenSSL 3.4, is currently under the stewardship of Neil Horman (@nhorman). Detailed information regarding the release schedule can be accessed via the new OpenSSL Release Schedule board on GitHub.

For any bug reports or issues concerning OpenSSL, we encourage users to utilize our issue tracker, while queries pertaining to the utilization of OpenSSL 3.3 can be directed to GitHub Discussions.

Filed Under: encryption, homeland security, Linux, Uncategorized

Fixing your Web Server’s Security Headers: From Hall of Shame to Hall of Fame

Cloud Insidr 2020-12-04

[Updated 2022-11-30] This post explains how to set up robust security headers in NGINX to protect your web application from malicious payloads and other forms of attacks. Choose your HTTP(S) headers wisely.

Filed Under: cloud, edge and everything in between, cybersecurity and cyber warfare, encryption, NGINX, Uncategorized, web servers in the cloud Tagged With: clickjacking, CSRF, HPKP, HSTS, MITM, x509, XSS

Letsencrypt tips and tricks

Cloud Insidr 2019-07-22

Who wants to issue certificates manually when they can put Letsencrypt’s Certbot to the task?

Filed Under: cybersecurity and cyber warfare, encryption, NGINX, web servers in the cloud Tagged With: certbot, certificate, letsencrypt

TLS 1.3 and its implications for cyber security

Cloud Insidr 2018-10-04

The rise of quantum computing and the cloud is rewriting the rules of what constitutes “encrypted” communications — with profound implications for the cyber security of our homeland.

“The cyber threat landscape is shifting in real-time, and we have reached a historic turning point,” said Kirstjen Nielsen, U.S. Secretary of Homeland Security, in a recent statement. “It is clear that our cyber adversaries can now threaten the very fabric of our republic itself.”

Cybersecurity incidents and data breaches of recent years seem to provide evidence of an invisible war raging across the industrialized world, with financial, energy and communications systems covertly under constant threat. At the same time, the dependence on data integrity and the reliability of critical infrastructures, particularly cyber-physical systems in the military, is growing in importance by the day.

Filed Under: encryption, homeland security, Uncategorized

How to redirect all http to https in NGINX

Cloud Insidr 2018-09-06

When setting up https on an existing server, you need to provide a redirect for all those visitors arriving via http backlinks. Here is how to do this.

Filed Under: encryption, NGINX Tagged With: HTTPS, NGINX, permanent redirect


©2022 CybrAnalytiqa OÜ