Security News

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

DigiCert and Atea jointly announced a partnership to launch the new Atea Managed Certificate Service offering insight into certificate health, usage and endpoint vulnerabilities to ensure the best possible customer experience for secure communication. Delivered by Atea Managed Services and powered by core DigiCert CertCentral technology the new service includes the ability to automatically locate, identify, and track all certificates in use with 24/7 monitoring, management and renewals throughout any network and connected device environment.

Microsoft has resolved a known issue leading to missing system and user certificates after updating managed Windows 10 systems using outdated installation media. The lost Windows 10 certificates issue impacts client and server platforms in managed environments.

This morning, GitHub's pristine layout vanished off of the repository, in what looks like a miss on the company's part in renewing an SSL certificate. The expired certificate prevented numerous resources like images, JavaScript, and CSS stylesheets from correctly loading on GitHub.

Microsoft is investigating a known issue leading to missing system and user certificates after updating certain managed Windows 10 systems using outdated installation media through update management tools, physical media, or ISO images. "System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10," Microsoft explains.

Microsoft Active Directory Certificate Services is an integrated, optional component of Windows Server designed to issue digital certificates. There are no free or open source Linux, UNIX or Mac tools available today that provide auto-enrollment or integrate with the Microsoft CA. The only "Free" option is to manually create and renew certificates from a Microsoft CA using complicated and error-prone commands.

Apple macOS X users with HP printers are left unable to print from their computers after Apple revoked a certificate that signed HP's print drivers. As observed by BleepingComputer, when printing a document from a MacBook running macOS Catalina and Mojave users with HP printers.

Microsoft's October 2020 Patch Tuesday fixed 87 security bugs, one of which is an "Important" Windows Spoofing Vulnerability that abuses CAT files. The flaw allows an attacker to combine a legitimately signed Microsoft Windows Installer package with the attacker's JAR file into an encapsulating JAR file.

Beginning September 1st, all publicly trusted TLS certificates must have a lifespan of 398 days or less. Since many organizations lack the automation capabilities necessary to replace certificates with short lifespans at machine scale and speed, they are likely to see sharp increases in outages caused by unexpected certificate expirations.

Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device," Cisco said in an advisory posted over the weekend.