A total of seven vulnerabilities, most of which can be exploited for DoS attacks, have been patched in OpenSSL.

The post Data Leakage Vulnerability Patched in OpenSSL appeared first on SecurityWeek.

Pentest reports sometimes include bad information under a heading like, “Weak TLS Configuration” or “Insecure SSL Certificates.” This article will explain how TLS is supposed to work, common ways it […]

The post Testing TLS and Certificates  appeared first on Black Hills Information Security, Inc..

David Fletcher// The following blog post is meant to expand upon the findings commonly identified in BHIS reports.  The “Server Supports Weak Transport Layer Security (SSL/TLS)” is almost universal across […]

The post Finding: Server Supports Weak Transport Layer Security (SSL/TLS) appeared first on Black Hills Information Security, Inc..

David Fletcher // On a recent internal penetration test engagement, I was faced with using a Juniper VPN to access the target network. One small problem, Juniper does not formally […]

The post Juniper Two Factor VPN & Linux appeared first on Black Hills Information Security, Inc..

David Fletcher // Have you ever looked at Nessus scan results to find the below in the output? Recently I was on engagement and encountered just this situation.  I found […]

The post TestSSL.sh –Assessing SSL/TLS Configurations at Scale appeared first on Black Hills Information Security, Inc..