Cloud Insidr

Cybersecurity in the Age of the Machine

Join us on Twitter: @CloudInsidr

Home Archives for HTTP/2
How to Activate HTTP/2 with TLS 1.3 Encryption in NGINX for Secure Connections without a Performance Penalty

Leave a Comment

How to Activate HTTP/2 with TLS 1.3 Encryption in NGINX for Secure Connections without a Performance Penalty

 

Are you ready for a better security with no performance penalty? Are you ready for a performance bump that can take you places in search engine land? In other words: now that HTTP/2 reached production-grade maturity, nothing should hold you back.

The IoT  revolution will make sure that only the paranoid survive.

[Read more…]

Attack vectors against TLS, implementation bugs, and how to mitigate TLS vulnerabilities in NGINX

1 Comment

Attack vectors against TLS, implementation bugs, and how to mitigate TLS vulnerabilities in NGINX

In light of documented TLS vulnerabilities and implementation bugs, understanding known attack vectors becomes a necessity.

[Read more…]

DROWN, a New Attack on OpenSSL: Millions of OpenSSL-Secured Websites Are at Risk!

Leave a Comment

DROWN, a New Attack on OpenSSL: Millions of OpenSSL-Secured Websites Are at Risk!

A recently discovered security vulnerability in OpenSSL allows a long-deprecated protocol, SSL v2 (Secure Sockets Layer) to be misused in attacks at modern websites. The new attack has been, perhaps fittingly, dubbed DROWN, an acronym for Decrypting RSA with Obsolete and Weakened eNcryption. Cyber security analysts believe it might shut down–or shall we say drown, more than one third of all HTTPS servers. Is yours one of them?

[Read more…]

©2022 CybrAnalytiqa OÜ