SSL DROWN attack
There's a new SSL/TLS attack called DROWN (Decrypting RSA with Obsolete and Weakened eNcryption). It's not quite as bad as Heartbleed, but it potentially affects a significant percentage of HTTP…
Announcements
Critical DNS security flaw found
A nasty bug has been found in the software that translates Internet computer names (hostnames) into numerical addresses that computers on a network can use (IP addresses). This is known…
Apple warns its customers about backdoors
Apple today released a letter to its customers that is extraordinary in its content, and strongly related to today's post about the UK's "snooper's charter". The UK government has stated…
edtFTPj/PRO adds TLS 1.2
We've just released edtFTPj/PRO 5.0, adding support for TLS 1.2. At the start of the new year, it's interesting to look back over the release history of edtFTPj/PRO. Amazingly, it's…
OpenSSL security audit
OpenSSL is to undergo a comprehensive security audit by NCC Group. OpenSSL is one of the most widely deployed software libraries in the world, and is a critical part of…
CompleteFTP wins SFTP server recommendation from users
Survey reveals that more than 4 out of 5 CompleteFTP users would recommend it to others in need of secure FTP server software. CompleteFTP is SFTP server software trusted by…
The POODLE SSL vulnerability resolved
By now most people will have heard of the POODLE SSL vulnerability, a flaw in the SSL 3.0 protocol that affects FTPS and HTTPS. We've recently blogged about POODLE in…
POODLE SSL Vulnerability addressed in CompleteFTP 8.1.3
We recently posted about the POODLE vulnerability, a flaw in the SSL 3.0 protocol that affects FTPS and HTTPS. This has now been addressed in the release of CompleteFTP 8.1.3,…
POODLE, SSL and EnterpriseDT software
Security researchers at Google recently discovered the POODLE SSL vulnerability, a security flaw in an older version of the SSL/TLS protocol, SSL 3.0. Important facts about POODLE SFTP, SCP…
7 million DropBox passwords stolen - corporate data at risk
7 million DropBox passwords have been stolen (read more). A friend who works at a well-known Australian company has told us that IT admins are warning staff to immediately change…