Cloud Insidr

Cybersecurity in the Age of the Machine

  • Subscribe!
  • Privacy Policy
  • Legal
  • Contact Us

Join us on Twitter: @CloudInsidr

  • news & alerts
    • events
    • industry analysis
    • industry gossip
    • people
  • cloud, edge & co.
    • AWS
    • administration & orchestration
      • web servers in the cloud
      • mail servers
      • databases
  • cybersec & warfare
    • encryption
  • blockchain
Home Archives for TLS vulnerabilities
TLS tune-up: how to restrict Firefox to TLS v1.3 and v1.2 to protect from phishing attacks

Cloud Insidr 2018-06-02 Leave a Comment

TLS tune-up: how to restrict Firefox to TLS v1.3 and v1.2 to protect from phishing attacks

Only two versions of the TLS (Transport Layer Security) protocol can be considered safe under certain circumstances: TLS 1.3 and TLS 1.2. Trying to get your bank alongside everyone else to fix their websites and web applications is a Herculean task; good luck trying. Even so, you can protect TLS connections by modifying the browser configuration.

It is good to know that there is something you can do to protect at least yourself and the other end users on the networks that you oversee from nasty attacks against their TLS connections. In Firefox, you can restrict the browser to “speak” only TLS 1.3 and TLS 1.2 to limit the attack surface and restrict phishing. Here is how to do it.

[Read more…]

Filed Under: cybersecurity and cyber warfare, encryption Tagged With: TLS, TLS 1.2, TLS 1.3, TLS vulnerabilities

Attack vectors against TLS, implementation bugs, and how to mitigate TLS vulnerabilities in NGINX

Cloud Insidr 2018-05-21 2 Comments

Attack vectors against TLS, implementation bugs, and how to mitigate TLS vulnerabilities in NGINX

In light of documented TLS vulnerabilities and implementation bugs, understanding known attack vectors becomes a necessity.

[Read more…]

Filed Under: cybersecurity and cyber warfare, encryption, Uncategorized Tagged With: certificate, cipher suites, cryptography, cybersecurity, Diffie-Hellman, encryption, exploits, HTTP/2, HTTPS, mitigation techniques, RSA, TLS, TLS vulnerabilities

Join Cloud Insidrs!

Symantec Code Signing (200x200)

Tag Cloud

automation AWS Azure Azure Active Directory Azure Arc Azure Lighthouse Azure Resource Manager certbot certificate clickjacking cron CSRF cyber security DD-WRT DNS over HTTPS DoH domain firmware Gemalto HPKP HSTS IAM letsencrypt log logs MFA MITM Netgear network router SELinux time stamp tip Whois WiFi x509 XSS
Secure Site with EV (160x600)

Pearson Education (InformIT)

Pearson Education (Peachpit)

Thawte Code Signing (200x200)

  • Content purchasing and syndication