Security News

US-CERT Warns HTTPS Inspection May Degrade TLS Security (Threatpost)
2017-03-17 10:00

Security tools that proxy and inspect HTTPS traffic create a blindspot for network administrators trying to determine whether communication between clients and servers is secure.

CERT updates insider threat guidebook (Help Net Security)
2017-02-10 12:30

The CERT Division of the Software Engineering Institute (SEI) at Carnegie Mellon University released the fifth edition of the Common Sense Guide to Mitigating Insider Threats. The guide describes...

Buggy Domain Validation Forces GoDaddy to Revoke Certs (Threatpost)
2017-01-11 21:40

A bug in GoDaddy's domain validation process forced the registrar to revoke SSL certificates and reissue certs for more than 6,000 customers.

Google to Distrust WoSign, StartCom Certs in 2017 (Threatpost)
2016-11-01 17:58

Google announced Monday that it will distrust certificates issued by WoSign and StartCom when in it ships Chrome 56 in January 2017.

Kaspersky Launches Industrial Control Systems CERT (SecurityWeek)
2016-10-25 04:41

ComoD'oh! Infosec duo exploits OCR flaw to nab a website's HTTPS cert (The Register)
2016-10-21 20:51

ICS-CERT Advisory Warns Sierra Wireless Products Vulnerable to Mirai Malware (October 14 and 17, 2016) (SANS Newsbites)
2016-10-18 19:06

Apple chops woeful WoSign HTTPS certs from iOS, macOS (The Register)
2016-10-03 22:37

Over 400 Vulnerabilities Reported to ICS-CERT in 2015 (SecurityWeek)
2016-10-03 14:37

ICS-CERT releases new tools for securing industrial control systems (Help Net Security)
2016-09-28 19:08

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has published newer versions of two tools that can help administrators with securing industrial control systems: the Cyber...