Security News

Less than 1% of the top 1 million websites have yet to replace Symantec-issued certificates before major browsers distrust them, DigiCert announced this week. Last year, DigiCert bought the...

Mozilla this week detailed its plans to completely distrust Symantec root certificates in Firefox 63, set to arrive in October 2018. read more

Certificate Authority (CA) DigiCert on Wednesday announced the en-masse revocation of more than 23,000 HTTPS certificates after certificate reseller Trustico sent over the private keys for those...

Pro Tip: Change TLS Certificates Regularly For Better Data SecurityCertificate Authorities continue to be tricked into issuing bogus TLS certificates. A study by Recorded Future found that there...

There has been surge in the use of counterfeit code signing certificates to evade security detection solutions, despite the high cost such certificates come with, a new Recorded Future report...

Signing malicious code with valid digital certificates is a helpful trick used by attackers to maximize the odds that malware won’t be flagged by antivirus solutions and often even by network...

Following the release of the read more

New research found that many banks offer certificate pinning as a security feature, but fail to authenticate the hostname. This leaves the systems open to man-in-the-middle attacks. From the...

Unpatched Infineon Chips in Peril as Researchers Speed Up Encryption Key AttackResearchers have discovered how to speed up an attack disclosed last month that recovers secret encryption keys...

Here’s an overview of some of last week’s most interesting news and articles: Chris Eng: An infosec journey from offense to defense “Come to my lab, I promise you’ll learn something cool,” a...