Security News

Mozilla Patching Firefox Certificate Pinning Vulnerability (Threatpost)
2016-09-19 20:03

Mozilla is expected tomorrow to patch a critical certificate pinning vulnerability in Firefox’s automated update process for extensions.

Kaspersky Safe Browser iOS app sports MITM SSL certificate bug (Help Net Security)
2016-08-01 21:48

Security researcher David Coomber has unearthed a vulnerability (CVE-2016-6231) in the Kaspersky Safe Browser iOS app that effectively contradicts its name. As it turns out, the app does not...

After issuing 1.7M certificates, Let’s Encrypt CA officially leaving beta (Help Net Security)
2016-04-13 15:55

Let’s Encrypt, the non-profit Certificate Authority (CA) backed by the Electronic Frontier Foundation, Mozilla, Cisco, Akamai, and others, is ready to be considered a stable offering. “Since our...

PHP, Python still fail to spot revoked TLS certificates (Help Net Security)
2016-04-01 16:04

In 2012, a group of researchers demonstrated that SSL certificate validation is broken in many applications and libraries, and pointed out the root causes for that situation: badly designed APIs...