ZDNet

Advertisers can track users across the Internet via TLS Session Resumption

An academic paper published last month has shed new light on a new user tracking technique that takes advantage of a legitimate mechanism associated with the TLS (Transport Layer Security) protocol ...
Threat Post

New Attack Uses SSL/TLS Information Leak to Hijack HTTPS Sessions

There is a feature supported by the SSL/TLS encryption standard and used by most of the major browsers that leaks enough information about encrypted sessions to enable attackers decrypt users’ ...
Threat Post

Theoretical Lucky Thirteen TLS Attacks Could Turn Practical

For now, the Lucky Thirteen attacks described in a paper last week by researchers at Royal Holloway, University of London, are largely theoretical. But the potential exists to adapt techniques used in ...

What the post-quantum shift means for your security strategy

Quantum computing threatens today’s encryption. Why organizations must adopt hybrid, post-quantum TLS now.
EDN

Understanding LZS Compression in TLS security: A Tutorial

In data communications it is desirable to have faster transfer rates at lower costs. Data compression addresses these demands by reducing the amount of data that must be transferred over a medium of ...

Go Programming Language 1.26 Patches Several Security Flaws

The patched issues span core standard library components including archive/zip and net/http, as well as security-sensitive ...