Security Info Watch

Chainguard Moves to Close the FIPS Gap with OpenSSL 3.4 Module and Zero-CVE Commitment

New provider model aims to align validated cryptography with real-time vulnerability management for regulated environments.
Threat Post

OpenSSL Past, Present and Future

Heartbleed made the world notice what kind of shape OpenSSL development was in from a financial and resources standpoint. In the year since, the project has been funded enough to hire full-time ...
ZDNet

OpenSSL 1.1.1 out with TLS 1.3 support and 'complete rewrite' of RNG component

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
ZDNet

OpenSSL dodges a security bullet

At first, it looked like the OpenSSL 3.x security bug was going to be truly awful. While it was feared to be a critical error that could lead to remote code execution ...
Dark Reading

New OpenSSL Flaw Exposes SSL To Man-In-The-Middle Attack

Don't look now, but it's time to patch OpenSSL again: A critical flaw discovered in the open-source encryption software could allow an attacker to hijack an SSL/TLS session and decrypt and alter the ...