HTTPS

Websites in Russia can’t renew their TLS/HTTPS certs. Moscow’s solution is to create a new certificate authority. But the man-in-the-middle threat should be obvious ...

In this video I demonstrate how PolarProxy can be run in a Windows Sandbox to intercept and decrypt outgoing TLS communication. This setup can be used to inspect otherwise encrypted traffic from ...

What a difference an ‘s’ makes. This seemingly unimportant change could have a big—if unseen—impact ...

There is no one-size-fits-all solution for SSL protection. Each organization has its own unique priorities, business needs, sensitivities, and privacy needs. The post Top 6 Questions to Ask When Selecting SSL Protection ...

Thanks to everyone who submitted to the Secure Developer Challenge for May 2021!For this month’s challenge (https://go.shiftleft.io/developer-challenge-05-2021), we asked you to identify which of these statements about HTTP security headers are false:The correct answer ...

Google Chrome version 90 will default to HTTPS for incomplete URLS. For example, Chrome will load “https://domain.com” when a user types “domain.com.” (And if the HTTPS fails because a site... The post ...

Cybercriminals are increasingly leveraging fileless malware, cryptominers and encrypted attacks, targeting users both at remote locations as well as corporate assets behind the traditional network perimeter. These were among the findings of ...

By Jon Natkins, Product Manager, Corelight Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the ...

You probably overlook it, and yet that letter protects your data every day. On March 12, 2021, the World […] The post HTTP vs. HTTPS: How one letter can make a difference ...

A popular joke among technologists says that it’s always DNS, even when it initially didn’t seem that way. DNS issues come in many shapes and forms, including some often-overlooked security issues. DNS ...