Security News

Elexon's Insight into UK electricity felled by expired certificate
2024-07-09 14:01

Certificate Watch Demonstrating that Microsoft is not alone in its inability to keep track of certificates is UK power market biz Elexon. Elexon is an important cog in the UK's wholesale electricity market machine and provides operational data via its Insight Solution platform.

Google to Block Entrust Certificates in Chrome Starting November 2024
2024-06-29 14:44

Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the...

Microsoft hits snooze again on security certificate renewal
2024-06-28 13:26

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

How Google’s 90-day TLS certificate validity proposal will affect enterprises
2024-04-11 05:00

Announced last year, Google's proposal to reduce the lifespan of TLS certificates from 13 months to 90 days could be implemented in the near future. As a result, the new 90-day TLS certificate lifespan proposed by Google will have far-reaching impacts on three areas of corporate IT: DevOps, security and operations.

EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA)
2024-04-09 04:30

It can handle almost anything, and someone once called it the kitchen sink of PKI. With its extensive history as one of the longest-standing CA software projects, EJBCA offers proven robustness, reliability, and adaptability. "EJBCA was created as an open-source project. The first version of the software was released as open source in December 2001. The ability to make a living from working with it and form a good company with many developers working on open source came later when the co-founders of PrimeKey and I realized that it was something we could do," Tomas Gustavsson, the creator of EJBCA, told Help Net Security.

Why is everyone talking about certificate automation?
2024-03-19 05:00

Digital Certificates are not new. In this Help Net Security video, Andreas Brix, Senior Program Manager at GlobalSign, discusses why they are back in the news and what you should do about it. The...

IBM, ISC2 Offer Cybersecurity Certificate
2024-02-14 20:59

The International Information System Security Certification Consortium and IBM teamed up on February 12 to launch the IBM and ISC2 Cybersecurity Specialist Professional Certificate, which can be earned through a free, four-month, beginner-level training course. IBM chose ISC2 to develop the certification program, which prepares potential cybersecurity professionals for a career in a cybersecurity specialist role.

The clock is ticking for businesses to prepare for mandated certificate automation
2023-09-28 03:30

Many organizations are unprepared for sweeping industry changes that call for mandated certificate automation, according to GMO GlobalSign. The solution to meet this call by Google, and other browsers, is to automate certificate management.

SSL Certificate Best Practices Policy
2023-09-20 16:00

SSL certificates are essential for encrypting traffic between systems such as clients, which access servers via web browsers or applications that communicate with remote systems. Certificates protect client and server data, commonly involving confidential information such as credit card details or social security numbers.

Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads
2023-09-15 08:49

The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread initial payloads signed with Extended Validation code signing certificates. In the incident investigated by the cybersecurity company, an unnamed victim is said to have first received a piece of info stealer malware with EV code signing certificates, followed by ransomware using the same delivery technique.