Microsoft Incorporating Algorithms into OS for Perfect Forward Secrecy

Microsoft has a new update that introduces four new ciphers to the default priority cipher list within Windows.  This update applies to Windows 7, 8, 8.1 and Windows Server 2008 and 2012.  With perfect forward secrecy, a private key is negotiated for each session, so unlike other SSL and TLS connections where the public/private keypair for […]

Internet of Things

The Internet of Things (IoT) can provide great benefits to companies of any size. However, connecting more things to the internet can create gaping security holes. Companies primarily focus on securing employee hardware, but can overlook locking-down other devices in the IoT that connect to their systems. Companies should look at the way data from the […]

Lenovo: Researchers find ‘massive security risk’

Are your computer systems safe? PC maker Lenovo is once again called to task over major security vulnerabilities in their systems. According to research conducted by IOActive there are signature validation bypass errors which could allow “man in the middle” attacks against major operating system components that could allow attackers to replace these items with […]

PCI version 3.1 released

The Payment Card Industry Data Security Standard (PCI DSS) 3.1 was released on 4/16/2015 and shows clear reaction to some of the protocol issues that have inundated the news in the year.  Reacting to POODLE and BEAST issues that addressed the underlying protocols, PCI DSS 3.1 has removed all support for SSL and early versions of […]