ssl

SSLv3 Disabled Due to POODLE Bug

Engineers at Google found a new vulnerability in SSL version 3.0 (SSLv3) and they call it POODLE (Padding Oracle On Downgraded Legacy Encryption). The vulnerability allows an attacker to add padding to a request in order to then calculate the plaintext of…

SSL Transition: SHA-1 to SHA-2

Most, if not all SSL Certificates today are running the SHA-1 cryptographic hash algorithm, which is getting weaker and easier to be attacked.  Google and Microsoft announced SHA-1 deprecation plans that may affect websites with SHA-1 SSL Certificates expiring as early as…

We’re Protected from the Heartbleed Bug!

All of our servers are fully protected from the Heartbleed Bug (CVE-2014-0160). The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to…