certificates
Improving Cybersecurity: Different Certifications Explained
In the ever-evolving landscape of cybersecurity, the choice of cryptographic algorithms and certificates plays a pivotal role in ensuring the confidentiality and integrity of sensitive information. While traditional methods such as the ...
Digital Certificates Riddled With Security Weaknesses
A study published today found 79% of certificates on the internet are vulnerable to man-in-the-middle (MitM) attacks, with as many as 10% expired or self-signed (15%) in a way that is considered ...
An Untrustworthy TLS Certificate in Browsers
The major browsers natively trust a whole bunch of certificate authorities, and some of them are really sketchy: Google’s Chrome, Apple’s Safari, nonprofit Firefox and others allow the company, TrustCor Systems, to ...
How to Eliminate Certificate Misconfiguration in Kubernetes
Kubernetes and OpenShift have become the standard for modern cloud-based application development. As infrastructure grows and clusters scale, huge volumes of TLS and mTLS certificates are used as development teams build and ...
With Remote Work, Don’t Leave Security Behind
We’ve all heard how the global pandemic has accelerated workplace trends that were already well underway. Adoption of automation, e-commerce, and remote work has increased significantly, and many of the changes are ...
The Misaligned Incentives for Cloud Security
Russia’s Sunburst cyberespionage campaign, discovered late last year, impacted more than 100 large companies and US federal agencies, including the Treasury, Energy, Justice, and Homeland Security departments. A crucial part of the ...
Miscreants Manipulate Mimecast Certificate -> Microsoft 365 Exchange Web Services: Welcome To The Pew Pew
In regards to connectivity to the security black hole, also known as Microsoft Corporation's Office 365. Microsoft Corporation claims nothing to see here. 'Approximately 10 percent of our customers use this connection ...
Expired Certificates Used as Disguise to Spread Buerak, Mokes Malware
Researchers observed digital attackers employing expired security certificates as a disguise to distribute the Buerak downloader and Mokes malware. Kaspersky Lab learned of a new attack method in which malicious actors leveraged ...
Revocation of Millions of Certificates Leaves Websites Labeled as ‘Insecure’
A certificate authority named Let’s Encrypt found a bug in code used to generate certificates and was forced to revoke millions of certificates, leaving websites very little time for renewal. When a ...
Let’s Encrypt Vulnerability
The BBC is reporting a vulnerability in the Let's Encrypt certificate service: In a notification email to its clients, the organisation said: "We recently discovered a bug in the Let's Encrypt certificate ...
