Security News

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
2025-03-21 12:58

The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD)...

WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback
2025-03-13 07:08

Browser maker Mozilla is urging users to update their Firefox instances to the latest version to avoid facing issues with using add-ons due to the impending expiration of a root certificate. "On...

Mozilla warns users to update Firefox before certificate expires
2025-03-12 15:01

Mozilla is warning Firefox users to update their browsers to the latest version to avoid facing disruption and security risks caused by the upcoming expiration of one of the company's root...

Short-Lived Certificates Coming to Let’s Encrypt
2024-12-16 12:06

Starting next year: Our longstanding offering won’t fundamentally change next year, but we are going to introduce a new offering that’s a big shift from anything we’ve done before—short-lived...

Live Webinar: Dive Deep into Crypto Agility and Certificate Management
2024-11-15 11:48

In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting...

SSL Certificate Best Practices Policy
2024-11-13 16:00

SSL certificates are essential for encrypting traffic between systems such as clients, which access servers via web browsers or applications that communicate with remote systems. Certificates...

Apple’s 45-day certificate proposal: A call to action
2024-11-08 06:00

In a bold move, Apple has published a draft ballot for commentary to GitHub to shorten Transport Layer Security (TLS) certificates down from 398 days to just 45 days by 2027. The Apple proposal...

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates
2024-10-15 06:43

Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company...

Shorter TLS certificate lifespans expected to complicate management efforts
2024-08-09 04:00

76% of security leaders recognize the pressing need to move to shorter certificate lifespans to improve security, according to Venafi. 81% of security leaders believe Google's proposed plans to shorten TLS certificate lifespans from 398 days to 90 days will amplify existing challenges they have around managing certificates.

Firefox's Mozilla follows Google in losing trust in Entrust's TLS certificates
2024-08-01 12:28

Mozilla is following in Google Chrome's footsteps in officially distrusting Entrust as a root certificate authority following what it says was a protracted period of compliance failures. Entrust has apologized to Google, Mozilla, and the wider web community, outlining its plans to regain the trust of browsers, but these appear to be unsatisfactory to both Google and Mozilla.