Security News

DigiCert now enables manufacturers to embed certificates on chips prior to manufacturing
2020-12-16 02:30

Manufacturers can now embed certificates on chipsets prior to and during manufacturing, or directly to an edge device, for complete end-to-end device security. IoT Device Manager is built on DigiCert ONE, which enables rapid, automated PKI deployment as a customer-managed, on-premises or cloud solution, or managed by DigiCert for any environment.

South Korea kills ActiveX-based government digital certificate service
2020-12-10 04:31

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

DigiCert and Atea deliver a fully managed service for multiple types of digital certificate-based use cases
2020-11-25 01:00

DigiCert and Atea jointly announced a partnership to launch the new Atea Managed Certificate Service offering insight into certificate health, usage and endpoint vulnerabilities to ensure the best possible customer experience for secure communication. Delivered by Atea Managed Services and powered by core DigiCert CertCentral technology the new service includes the ability to automatically locate, identify, and track all certificates in use with 24/7 monitoring, management and renewals throughout any network and connected device environment.

Microsoft fixes issue causing Windows 10 certificates to disappear
2020-11-18 08:55

Microsoft has resolved a known issue leading to missing system and user certificates after updating managed Windows 10 systems using outdated installation media. The lost Windows 10 certificates issue impacts client and server platforms in managed environments.

GitHub breaks site layout after forgetting to renew certificate
2020-11-02 16:31

This morning, GitHub's pristine layout vanished off of the repository, in what looks like a miss on the company's part in renewing an SSL certificate. The expired certificate prevented numerous resources like images, JavaScript, and CSS stylesheets from correctly loading on GitHub.

Microsoft is investigating lost Windows 10 certificates issue
2020-11-02 10:48

Microsoft is investigating a known issue leading to missing system and user certificates after updating certain managed Windows 10 systems using outdated installation media through update management tools, physical media, or ISO images. "System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10," Microsoft explains.

Moving past the madness of manually updated X.509 certificates
2020-11-02 05:45

Microsoft Active Directory Certificate Services is an integrated, optional component of Windows Server designed to issue digital certificates. There are no free or open source Linux, UNIX or Mac tools available today that provide auto-enrollment or integrate with the Microsoft CA. The only "Free" option is to manually create and renew certificates from a Microsoft CA using complicated and error-prone commands.

Mac users unable to print after Apple revoked HP certificate
2020-10-27 16:24

Apple macOS X users with HP printers are left unable to print from their computers after Apple revoked a certificate that signed HP's print drivers. As observed by BleepingComputer, when printing a document from a MacBook running macOS Catalina and Mojave users with HP printers.

Microsoft fixes Windows certificate spoofing bug abusing CAT files
2020-10-14 12:35

Microsoft's October 2020 Patch Tuesday fixed 87 security bugs, one of which is an "Important" Windows Spoofing Vulnerability that abuses CAT files. The flaw allows an attacker to combine a legitimately signed Microsoft Windows Installer package with the attacker's JAR file into an encapsulating JAR file.

Reduced lifespan of TLS certificates could cause increase in outages
2020-09-02 03:00

Beginning September 1st, all publicly trusted TLS certificates must have a lifespan of 398 days or less. Since many organizations lack the automation capabilities necessary to replace certificates with short lifespans at machine scale and speed, they are likely to see sharp increases in outages caused by unexpected certificate expirations.