Uncategorized

  1. Intrusion Prevention System (IPS) Extended Package (EP) Update Published

    In late January 2016 an updated version of the Intrusion Prevention System (IPS) Extended Package (EP) was released. Although the changes to the EP itself are minor, changes to its scope may make this update significant for vendors seeking accreditation. At first glance version 2.1 of the IPS EP is nearly identical to version 2.0 Read More…

  2. OPEN SSL HIGH SEVERITY VULNERABILITY DISCOVERED

    A high severity vulnerability was discovered in OpenSSL, as a result of which a patch was released on January 28 2016. The vulnerability exists in the cryptographic code library that lets the attacker decrypt the HTTPS communications. Diffie-Hellman key exchange has been a common means of exchanging cryptographic keys over the untrusted channels which further Read More…

  3. To Suite B or Not to Suite B, That is the Question

    Recently, the NSA has updated their Suite B Cryptography webpage: https://www.nsa.gov/ia/programs/suiteb_cryptography/ For Suite B enthusiasts, there is good news and bad news. First, the good news, in addition to the assortment of AES, SHA, and elliptic curve algorithms included in the Suite B specification, the NSA has added some additional algorithm alternatives to elliptic curves. Read More…