March 18, 2022

OpenSSL patches infinite-loop DoS bug in certificate verification

When it comes to writing loops in your code... never sit on the fence!

Naked Security

December 17, 2021

Serious Security: OpenSSL fixes “error conflation” bugs – how mixing up mistakes can lead to trouble

Have you ever seen the message "An error occurred"? Even worse, the message "This error cannot occur"? Facts matter!

Naked Security

September 03, 2021

S3 Ep48: Cryptographic bugs, cryptocurrency nightmares, and lots of phishing [Podcast]

Latest episode - listen now!

Naked Security

August 27, 2021

Big bad decryption bug in OpenSSL – but no cause for alarm

The buggy code's in there, alright. Fortunately, it's hard to get OpenSSL to use it even if you want to, which mitigates the risk.

Naked Security

April 01, 2021

S3 Ep26: Apple 0-day, crypto vulnerabilities and PHP backdoor [Podcast]

Latest episode - listen now!

Naked Security

March 28, 2021

Serious Security: OpenSSL fixes two high-severity crypto bugs

The bug that broke security when you turned STRICT mode on...

Naked Security

June 02, 2020

The mystery of the expiring Sectigo web certificate

If you're getting TLS connection errors that suddenly started this weekend, a tired old encryption library might be the problem.

Naked Security

March 08, 2016

Live from RSA – Endpoint security is dead, long live endpoint security [Chet Chat Podcast 234]

Here's the latest episode of our award-winning security podcast - enjoy!

Naked Security

July 18, 2015

SSCC 207 – Windows 2003 R2? The train stops here! [PODCAST]

Our weekly quarter-hour podcast where we turn the latest security news into advice you can use - and have fun at the same time. Enjoy!

Naked Security