Cloud Insidr

Cybersecurity in the Age of the Machine

Join us on Twitter: @CloudInsidr

Home Archives for TLS vulnerabilities
Symantec Code Signing (728*90)
TLS tune-up: how to restrict Firefox to TLS v1.3 and v1.2 to protect from phishing attacks

Leave a Comment

TLS tune-up: how to restrict Firefox to TLS v1.3 and v1.2 to protect from phishing attacks

Only two versions of the TLS (Transport Layer Security) protocol can be considered safe under certain circumstances: TLS 1.3 and TLS 1.2. Trying to get your bank alongside everyone else to fix their websites and web applications is a Herculean task; good luck trying. Even so, you can protect TLS connections by modifying the browser configuration.

It is good to know that there is something you can do to protect at least yourself and the other end users on the networks that you oversee from nasty attacks against their TLS connections. In Firefox, you can restrict the browser to “speak” only TLS 1.3 and TLS 1.2 to limit the attack surface and restrict phishing. Here is how to do it.

[Read more…]

Attack vectors against TLS, implementation bugs, and how to mitigate TLS vulnerabilities in NGINX

3 Comments

Attack vectors against TLS, implementation bugs, and how to mitigate TLS vulnerabilities in NGINX

In light of documented TLS vulnerabilities and implementation bugs, understanding known attack vectors becomes a necessity.

[Read more…]

Comodo Elite SSL (OV) (728*90)