Security News > 2019 > March > Open-source 64-ish-bit serial number gen snafu sparks TLS security cert revoke runaround
2019-03-13 18:12
64 bits of cert ID on the wall, 64 bits of ID. Take the top bit down, don't pass it around, 63 bits of cert ID on the wall... A bunfight over a controversial UAE mobile security company led to the discovery that millions of TLS security certificates have been improperly issued – thanks to a dodgy default configuration in popular certificate authority (CA) certificate-wrangling software.…
News URL
http://go.theregister.com/feed/www.theregister.co.uk/2019/03/13/tls_cert_revoke_ejbca_config/
Related news
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Vanir: Open-source security patch validation for Android (source)
- Sara: Open-source RouterOS security inspector (source)
- What’s Next for Open Source Software Security in 2025? (source)
- GitHub CISO on security strategy and collaborating with the open-source community (source)
- CERT-UA warns against “security audit” requests via AnyDesk (source)
- Fleet: Open-source platform for IT and security teams (source)
- CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits (source)