Ars Technica

SSTP VPN with client machine certificate authentication

We've got a Windows SSTP VPN Server setup, where our domain clients authenticate with their AD credentials. Problem: It's possible to connect from any machine to our VPN. We'd like to change the ...
GIGAZINE

Let's Encrypt details changes to certificate issuance, including new certificate chains ...

Let's Encrypt has announced details of its overall policy regarding certificates issued going forward, including 'certificate chain renewal,' 'removal of TLS client authentication EKU (Enhanced Key ...
Linux Journal

Paranoid Penguin - Securing WLANs with WPA and FreeRADIUS, Part I

Are you worried about the security of your 802.11b wireless local area network (WLAN) because you're using plain-old wired equivalent privacy (WEP)? If you're still relying on WEP alone, you should be ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...