Security News

There has been surge in the use of counterfeit code signing certificates to evade security detection solutions, despite the high cost such certificates come with, a new Recorded Future report...

Signing malicious code with valid digital certificates is a helpful trick used by attackers to maximize the odds that malware won’t be flagged by antivirus solutions and often even by network...

Following the release of the read more

New research found that many banks offer certificate pinning as a security feature, but fail to authenticate the hostname. This leaves the systems open to man-in-the-middle attacks. From the...

Unpatched Infineon Chips in Peril as Researchers Speed Up Encryption Key AttackResearchers have discovered how to speed up an attack disclosed last month that recovers secret encryption keys...

Here’s an overview of some of last week’s most interesting news and articles: Chris Eng: An infosec journey from offense to defense “Come to my lab, I promise you’ll learn something cool,” a...

On 3 November 2017 at midnight, Estonia will block the certificates of 760,000 ID cards. The decision is the result of the discovery of a security vulnerability in the Infineon-developed RSA...

The Cyber Security Research Institute (CSRI) conducted a six-month investigation into the sale of digital code signing certificates on the dark web. The research uncovered code signing...

Savitech drivers used by several companies that provide specialized audio products expose computers to hacker attacks by installing a new root certificate into the Trusted Root Certification...

Mozilla this week announced plans to completely remove trust in the digital certificates issued by Chinese certificate authority WoSign and its subsidiary StartCom starting with Firefox 58.  read more