Types of Injection attacks
As more and more companies insist employees to work from home during this pandemic, the whole cyber security of many companies are at huge risk. Can this lead to a network pandemic for companies and individuals?
TLS, SSL, HTTP, HTTPS, ….Are you not familiar with these terms or concepts? Many professionals may not know the network related terminologies to read a security report. Find out some basic terminologies used by network officials in this blog.
We wil first explain HTTP, then the difference to HTTPS. Afterwards, we explain the SSL and TLS encryption (which is the difference between HTTP and HTTPS). In the end, we will explain how they all work together.
TLS 1.0 and 1.1 have been around for quite some time. TLS 1.0 was released in 1999, TLS 1.1 in 2006. They both should not be used anymore!
There are well known attacks such as Padding Oracle Attacks or BEAST for those versions. That is why Crashtest Security shows TLS 1.0 & 1.1 as critical vulnerabilities.
This article shows general industry guidelines, the usage of the protocol versions, and how different browser vendors are handling the deprecation of TLS 1.0 and TLS 1.1. We also help you to remediate a website or application that still uses TLS 1.0 or 1.1.
Launch Addresses Agile Security Needs:
Munich, April 2nd of 2020