DUHK Attack against Fortinet Products
When a device uses the ANSI X9.31 RNG (removed from the list of FIPS-approved random number generators in January 2016) with a static seed key to generate cryptographic keys for long-lived security tunnels such as SSL/TLS, SSH or IPsec, it is vulnerable to the DUHK...
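The mechanism behind the snippet above, as an added example that is not part of the original page, the plugin, or Fortinet's code: in ANSI X9.31 the next state is V' = E_K(R xor E_K(DT)), so an attacker who holds the static key K, observes one output block R, and knows (or brute-forces) the date/time block DT can recompute V' and predict every later output without ever learning the original seed V. The AES-128 variant, the counter standing in for the timestamp, and the key and seed bytes are all constructed for the demonstration and are not real device values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"encoding/binary"
	"fmt"
)

const blockSize = 16

// xorBlocks returns a XOR b for two equal-length byte slices.
func xorBlocks(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// x931Step runs one iteration of the ANSI X9.31 generator with AES-128:
//   I  = E_K(DT)        (DT is the date/time block)
//   R  = E_K(I xor V)   (R is the output handed to the caller)
//   V' = E_K(R xor I)   (V' is the next seed state)
// V' depends only on K, DT and R, which is exactly what DUHK exploits.
func x931Step(key, v, dt []byte) (r, vNext []byte, err error) {
	c, err := aes.NewCipher(key)
	if err != nil {
		return nil, nil, err
	}
	i := make([]byte, blockSize)
	c.Encrypt(i, dt)
	r = make([]byte, blockSize)
	c.Encrypt(r, xorBlocks(i, v))
	vNext = make([]byte, blockSize)
	c.Encrypt(vNext, xorBlocks(r, i))
	return r, vNext, nil
}

// dtBlock builds a 16-byte date/time block from a counter (assumption:
// a real device uses a timestamp, which an attacker can brute-force
// from the handshake time; treating it as known is the DUHK setting).
func dtBlock(counter uint64) []byte {
	dt := make([]byte, blockSize)
	binary.BigEndian.PutUint64(dt[8:], counter)
	return dt
}

// generate runs the device's RNG for n steps from its secret seed v.
func generate(key, v []byte, firstDT uint64, n int) ([][]byte, error) {
	outs := make([][]byte, 0, n)
	for k := 0; k < n; k++ {
		r, vNext, err := x931Step(key, v, dtBlock(firstDT+uint64(k)))
		if err != nil {
			return nil, err
		}
		outs = append(outs, r)
		v = vNext
	}
	return outs, nil
}

// duhkPredict is the attacker: with the static key K, one observed output
// R and the DT it was produced with, it recomputes V' = E_K(R xor E_K(DT))
// and then generates the following n outputs itself.
func duhkPredict(key, observedR []byte, observedDT uint64, n int) ([][]byte, error) {
	c, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	i := make([]byte, blockSize)
	c.Encrypt(i, dtBlock(observedDT))
	v := make([]byte, blockSize)
	c.Encrypt(v, xorBlocks(observedR, i))
	return generate(key, v, observedDT+1, n)
}

// attackerMatchesGenerator reports whether an attacker holding attackerKey,
// who sees only the device's first output, predicts its next n outputs.
func attackerMatchesGenerator(deviceKey, attackerKey, secretV []byte, firstDT uint64, n int) (bool, error) {
	actual, err := generate(deviceKey, secretV, firstDT, n+1)
	if err != nil {
		return false, err
	}
	guess, err := duhkPredict(attackerKey, actual[0], firstDT, n)
	if err != nil {
		return false, err
	}
	for k := range guess {
		if !bytes.Equal(guess[k], actual[k+1]) {
			return false, nil
		}
	}
	return true, nil
}

func main() {
	// Constructed values: a hypothetical hard-coded seed key and a seed
	// state only the device knows. These are not any vendor's real values.
	staticKey := []byte("hardcoded-key-16")
	secretV := []byte("device-secret-v1")
	ok, err := attackerMatchesGenerator(staticKey, staticKey, secretV, 1000, 4)
	fmt.Println("attacker with static key predicts outputs:", ok, err)
	ok, err = attackerMatchesGenerator(staticKey, []byte("some-other-key16"), secretV, 1000, 4)
	fmt.Println("attacker with wrong key predicts outputs:  ", ok, err)
}
```

The second call shows why the static key is the whole problem: the same observation with a per-device, secret K predicts nothing. The practical check is therefore not whether X9.31 is in use but whether its seed key is fixed in firmware and shared across devices, and whether RNG output is exposed directly on the wire (for example as a handshake nonce) before being reused for keying material.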
OracleVM 3.3 : openssl (OVMSA-2015-0005) (FREAK)
The remote OracleVM system is missing necessary patches to address critical security updates: - fix CVE-2014-3570 - incorrect computation in BN_sqr - fix CVE-2014-3571 - possible crash in dtls1_get_record - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix...
NIST SP 800-52 Revision 1 Recommends TLS 1.2 by Jan. 1, 2015
U.S. federal government agencies are being told they should move to TLS 1.2 by the beginning of 2015. The National Institute of Standards and Technology (NIST) recently released NIST Special Publication 800-52 Revision 1, which includes the final public comments made since SP 800-52 was withdraw...