PKI and Digital Certificates
- January 22, 2020
Security researchers revealed Netgear firmware exposed TLS certificate keys, but SearchSecurity discovered it wasn't the first time the issue had been reported to the vendor.
- September 17, 2019
A new certificate fraud scheme involves a threat actor impersonating company execs to purchase certs which are then resold to those looking to spread malware.
- March 22, 2019
Security researchers discovered the availability of SSL/TLS certificates for sale on the dark web, which allow cybercriminals to disguise their malicious activity as legitimate.
- March 11, 2019
Threat actors are exploiting encryption protocols to deliver malicious content, according to Zscaler, which found a 400% increase in SSL-based phishing threats last year.
- March 07, 2019
Cryptographers at RSAC 2019 discussed personal data protection laws and challenges, future threats and the pressure for tech companies to work with law enforcement on decryption.
- February 08, 2019
This week's Risk & Repeat podcast looks at Apple's decision to temporarily revoke Facebook's and Google's enterprise certificates following reports of questionable app activity.
- January 16, 2019
This week's Risk & Repeat podcast looks at the expiration of more than 80 TLS certificates for U.S. government websites amid the ongoing government shutdown.
- December 19, 2018
This week's Risk & Repeat podcast looks at the U.S. House Committee on Oversight and Government Reform report on the Equifax breach and the infosec lessons to be learned from it.
- December 14, 2018
News roundup: Mozilla finally removes trust for Symantec certificates with Firefox 64. Plus, Supermicro's investigation challenges Bloomberg Businessweek's report, and more.
- October 03, 2018
Quantum computing threats are on the horizon, but DigiCert, Gemalto and ISARA have teamed up to develop new quantum-proof digital certificates and remake the PKI industry.
- June 29, 2018
Rival certificate authorities GlobalSign and Comodo CA have strengthened their presence in the IoT security market with new platforms for connected devices.
- April 16, 2018
A new key and certificate management service is now offered by SSH, which teamed up with AppViewX to provide a way to administer cryptographic keys and digital certificates.
- March 27, 2018
The IETF approves the TLS 1.3 encryption protocol upgrade after four years and 28 versions; improvements include better security and performance, as well as middlebox support.
- March 07, 2018
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how a controversial move by reseller Trustico led to 23,000 Symantec SSL certificates being revoked.
- March 02, 2018
DigiCert revoked 23,000 Symantec SSL certificates amid a public spat between the company and former reseller partner Trustico, which claimed the certificates were 'compromised.'