Eliminating Obsolete Transport Layer Security (TLS) Protocol Configurations
Various organizations (BSI / NIST) offer the option of receiving e-mails that inform you about weaknesses, security gaps and current threats, for example via the warning and information service (WID) of the Federal Office for Information Security.
The NSA (National Security Agency) also publishes information on security issues via GitHub.
The current publication deals with the topic of TLS and the associated mechanisms for the secure transmission of data.
I have attached the PDF document with the current recommendations, which should have been known for a long time, here.
It deals in detail with outdated TLS versions, cipher suites and key exchange mechanisms. At the same time, it refers to the recommendations of CNSS (Committee on National Security Systems) and NIST (National Institute of Standards and Technology).
An excerpt from the document ELIMINATING OBSOLETE TLS
The online scanner from Pentest-Tools checks, for example, for the following vulnerabilities:
- Secure renegotiation
- CCS injection
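
Alongside an online scan, a server configuration can be checked locally for the obsolete TLS versions, cipher algorithms and key exchange mechanisms the NSA document covers. The following is an added example, not code from the NSA document or from this page; the nginx-style directives, the constructed sample config and the token patterns used to recognise suite names are assumptions of the example.

```python
import re

# Obsolete categories as named in the NSA guidance; the regexes mapping them
# onto OpenSSL/IANA suite-name tokens are this example's own assumption.
OBSOLETE_PROTOCOLS = {"SSLV2", "SSLV3", "TLSV1", "TLSV1.0", "TLSV1.1"}
OBSOLETE_CIPHER = re.compile(r"^(NULL|RC2|RC4|3?DES\d*|IDEA)$")
OBSOLETE_KEX = re.compile(r"^(ANON|ADH|AECDH|EXP.*)$")

# Constructed sample: an nginx-style TLS block with legacy settings left in.
SAMPLE_CONFIG = """
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:DES-CBC3-SHA:RC4-SHA:EXP-RC2-CBC-MD5:ADH-AES128-SHA:!aNULL;
"""

def directive(config, name):
    """Return the whitespace-split arguments of one `name ...;` directive."""
    match = re.search(rf"^\s*{re.escape(name)}\s+([^;]+);", config, re.M)
    return match.group(1).split() if match else []

def audit_suite(suite):
    """List the reasons a single cipher-suite name counts as obsolete."""
    tokens = [t.upper() for t in re.split(r"[-_]", suite)]
    reasons = [f"cipher:{t}" for t in tokens if OBSOLETE_CIPHER.match(t)]
    reasons += [f"kex:{t}" for t in tokens if OBSOLETE_KEX.match(t)]
    return reasons

def audit_config(config):
    """Flag obsolete protocol versions and explicitly listed cipher suites."""
    findings = {"protocols": [], "suites": {}}
    for proto in directive(config, "ssl_protocols"):
        if proto.upper() in OBSOLETE_PROTOCOLS:
            findings["protocols"].append(proto)
    for arg in directive(config, "ssl_ciphers"):
        for entry in arg.split(":"):
            # Entries starting with ! or - are exclusions; keywords such as
            # HIGH are not expanded here and pass through unflagged.
            if not entry or entry[0] in "!-":
                continue
            reasons = audit_suite(entry)
            if reasons:
                findings["suites"][entry] = reasons
    return findings

if __name__ == "__main__":
    for key, value in audit_config(SAMPLE_CONFIG).items():
        print(key, value)
```

Only explicitly named suites are evaluated, so a cipher string built from keywords should be expanded with `openssl ciphers -v` before it is passed in.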