Nmedia - Fotolia

Problem solve Get help with specific problems with your technologies, process and projects.

Risk & Repeat: Bad Symantec certificates strike again

Listen to this podcast

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the discovery of more bad Symantec certificates and what it means for the antivirus software maker.

Bad Symantec certificates have, once again, landed the antivirus software maker in hot water.

More than 100 wrongly issued Symantec certificates were discovered recently by security researcher Andrew Ayer. Following Ayer's research post, Symantec quickly revoked the certificates and conducted its own investigation, which found even more bad certificates -- 127 to Ayer's 108 -- that had been issued over a six-month period starting last July.

All of the bad Symantec certificates were issued by CrossCert, a certificate authority based in Korea, according to Symantec's report. According to Symantec, CrossCert issued the certificates in violation of Symantec's policies and "overrode the compliance failure flags."

This marks the second time in less than 18 months that bad Symantec certificates have been exposed; in late 2015, the antivirus vendor was caught by Google's Certificate Transparency improperly issuing certificates.

While Symantec has pledged to review its certification authority processes and partners, as well as to take over validation and issuance of all future certificates issued by CrossCert, questions remain for the security software maker.

How could a Symantec certificate authority issue so many bad certificates without the vendor knowing? Should Symantec have been more directly involved with the certificate approval and issuing processes? Is the certificate authority system fundamentally broken?

In this episode of SearchSecurity's Risk & Repeat podcast, editors Rob Wright and Peter Loshin discuss those questions and more on the topic of Symantec certificates.

Next Steps

Risk & Repeat: Potential Windows Server Message Block exploit draws concern

Risk & Repeat: Is doxware a new threat or just repackaged ransomware?

Risk & Repeat: CES Cybersecurity Forum tackles passwords, internet of things threats

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How should Symantec handle certificate authority processes going forward?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close