Articles tagged with: #tls
TLoRa: Implementing TLS Over LoRa for Secure HTTP Communication in IoT


cs.CR updates on arXiv.org arxiv.org

arXiv:2510.02519v1. Abstract: We present TLoRa, an end-to-end architecture for HTTPS communication over LoRa by integrating TCP tunneling and a complete TLS 1.3 handshake. It enables a seamless and secure communication channel between WiFi-enabled end devices and the Internet over LoRa using an End Hub (EH) and a Net Relay (NR). The EH tethers a WiFi hotspot and a captive portal for user devices to connect and request URLs. The EH forwards the requested URLs to the NR using a...

Use KQL to Surface Non-Recommended TLS Parameters (IANA-based)


Detect FYI - Medium detect.fyi

Some time ago, I developed a group of KQL queries to flag network negotiations tagged as non-recommended TLS curves and cipher suites based on IANA. Since then, I've repeatedly seen posts and vendor advisories showing that IANA-listed non-recommended items are being deprecated more frequently - for example, recent Microsoft 365 notices (Legacy TLS cipher suites deprecated in M365 services on October 20) - so it's increasingly important to monitor and remediate these legacy parameters. IANA...

Security folks, which would you feel more comfortable with?


cybersecurity www.reddit.com

Hi all, I work at a SaaS company that needs to securely connect our cloud control plane to customer on-premise infrastructure in order to run orchestration and automation tasks. We're trying to avoid requiring customers to open inbound firewall rules or stand up full VPNs. We've narrowed it down to two models:

Agent-based HTTPS/mTLS connector: Customer deploys a small VM/Pod (our agent) inside their environment. The agent makes an outbound TLS connection (443) to our SaaS, authenticates with...

SonicWall Urges Customers to Reset Login Credentials After Configuration Backup Files Exposed


Cyber Security News cybersecuritynews.com

SonicWall has issued an urgent advisory urging all customers to perform an Essential Credential Reset after security researchers discovered that MySonicWall configuration backup files were inadvertently exposed on public storage. The sensitive files contained encrypted passwords, pre-shared keys, and TLS certificates used by SonicOS appliances, potentially allowing threat actors to decrypt and leverage credentials to

Enhance TLS inspection with SNI session holding in AWS Network Firewall


AWS Security Blog aws.amazon.com

AWS Network Firewall is a managed firewall service that filters and controls network traffic in Amazon Virtual Private Cloud (Amazon VPC). Unlike traditional network controls such as security groups or network access control lists (NACLs), Network Firewall can inspect and make decisions based on information from higher layers of the OSI model, including the Transport

Overcoming DNSSEC Islands of Security: A TLS and IP-Based Certificate Solution


cs.CR updates on arXiv.org arxiv.org

arXiv:2509.08364v1. Abstract: The Domain Name System (DNS) serves as the backbone of the Internet, primarily translating domain names to IP addresses. Over time, various enhancements have been introduced to strengthen the integrity of DNS. Among these, DNSSEC stands out as a leading cryptographic solution. It protects against attacks (such as DNS spoofing) by establishing a chain of trust throughout the DNS nameserver hierarchy. However, DNSSEC's effectiveness is compromised...

Police Body Camera Apps Sending Data to Cloud Servers Hosted in China Via TLS Port 9091


Cyber Security News cybersecuritynews.com

Police-issued body cameras have become ubiquitous tools for recording law enforcement encounters, yet a recent investigation has uncovered troubling design choices in a budget-friendly system that compromise both privacy and data integrity. The Viidure mobile application, designed to transfer video evidence from the camera's onboard Wi-Fi hotspot to cloud servers, was found to communicate over

TLS NoVerify: Bypass All The Things


Technical Information Security Content & Discussion www.reddit.com

Bypassing TLS certificate verification in 5 major TLS libraries with an LD_PRELOAD lib. Works on OpenSSL, GnuTLS, NSS, mbedTLS, and wolfSSL, and on most UNIX systems. Plus a deep dive into LD_PRELOAD. Submitted by /u/_f0rw4rd_

Mis-issued TLS Certificates for 1.1.1.1 DNS Service Enable Attackers to Decrypt Traffic


Cyber Security News cybersecuritynews.com

Three improperly issued TLS certificates have been discovered for 1.1.1.1, the popular public DNS service from Cloudflare and the Asia Pacific Network Information Centre (APNIC). The certificates, which were issued in May 2025, could allow attackers to intercept and decrypt encrypted DNS lookups, potentially exposing users' browsing habits. The existence of the unauthorized certificates was

X-PRINT: Platform-Agnostic and Scalable Fine-Grained Encrypted Traffic Fingerprinting


cs.CR updates on arXiv.org arxiv.org

arXiv:2509.00706v1. Abstract: Although encryption protocols such as TLS are widely deployed, side-channel metadata in encrypted traffic still reveals patterns that allow application and behavior inference. However, existing fine-grained fingerprinting approaches face two key limitations: (i) reliance on platform-dependent characteristics, which restricts generalization across heterogeneous platforms, and (ii) poor scalability for fine-grained behavior identification in open-world...