All Posts

2 posts

Addressing CVE-2015-0204 FREAK with Qualys VM

This past year we have seen an overwhelming interest in SSL library exploits, and FREAK or "Factoring RSA EXPORT Keys" is another one. The full impact is yet to be known as the flaw was baked in the development of secure web communications, so browsers, web clients and hosts would negotiate the strongest encryption “allowed,” falling back to weaker, “export” protocols as required. The most updated list of browsers appears to include: Internet Explorer, Chrome on Mac OS and Android, Safari on Mac OS and iOS, Blackberry Browser, and Opera on Mac OS and Linux.

Continue reading …

November Patch Tuesday – Part 2

It has been a week since Microsoft has announced their November bulletins and we have seen quite a bit of movement around the Schannel bulletin MS14-066, which had immediately attracted the attention of the security community.

Continue reading …