Security News

More than 83K certs from nearly 7K DigiCert customers must be swapped out now
2024-07-31 21:15

As the DigiCert drama continues, we now have a better idea of the size and scope of the problem - with the organization's infosec boss admitting the SSL/TLS certificate revocation sweep will affect tens of thousands of its customers, some of which have warned that the short notice may have real-world safety implications and disrupt critical services. A brief refresher on what happened: On July 29, the certificate authority said at least some customers had just 24 hours to replace their previously issued security certificates due to a five-year-old programming flaw in its systems.

DigiCert to delay cert revocations for critical infrastructure
2024-07-31 20:18

DigiCert urges critical infrastructure operators to request a delay if they cannot reissue their certificates, as required by an ongoing certificate mass-revocation process announced on Tuesday. [...]

DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight
2024-07-31 14:13

Certificate authority DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain. The company said it will be taking the step of revoking certificates that do not have proper Domain Control Validation.

DigiCert gives unlucky folks 24 hours to replace doomed certificates after code blunder
2024-07-31 01:31

DigiCert has given some unlucky customers 24 hours to replace their SSL/TLS security certificates it previously issued them - due to a five-year-old blunder in its backend software. The Register has asked exactly how many domains this represents, and we'll let you know if DigiCert can come up with a number.

DigiCert mass-revoking TLS certificates due to domain validation bug
2024-07-30 15:02

DigiCert is warning that it will be mass-revoking SSL/TLS certificates due to a bug in how the company verified if a customer owned or operated a domain and requires impacted customers to reissue certificates within 24 hours. DigiCert is one of the prominent certificate authorities that provides SSL/TLS certificates, including Domain Validated, Organization Validated, and Extended Validation certificates.

DigiCert releases new unified approach to trust management
2023-01-31 04:36

New solution brings together full stack of CA-agnostic certificate lifecycle management, PKI services and tightly integrated public trust issuance. The 2022 State of Digital Trust Survey found that almost half of consumers have stopped doing business with a company after losing confidence in its digital trust competency.

DigiCert issues Verified Mark Certificates to help organizations secure their emails from abuse
2021-07-14 02:10

Paired with the required DMARC enforcement, VMCs are a critical step in a series of security measures that help strengthen email security, build trust in the inbox and help users associate the brand logo with the company they expect to communicate with. "With BIMI and VMC from DigiCert for DMARC-verified domains, organizations can now demonstrate to their customers a higher level of email security. DigiCert VMCs not only help reduce instances of spam and spoofing customers receive, because of the DMARC requirement, but they also enable organizations to go beyond displaying default email addresses to increase engagement rates and display their brands more prominently."

DigiCert Smart Seal improves consumer trust in websites
2021-05-05 01:30

DigiCert announced the DigiCert Smart Seal, a new dynamic site seal that gives website visitors confidence that their information is secure on the web. The DigiCert Smart Seal is the first seal to visually display the site owner's brand via a verified brand logo.

DigiCert now enables manufacturers to embed certificates on chips prior to manufacturing
2020-12-16 02:30

Manufacturers can now embed certificates on chipsets prior to and during manufacturing, or directly to an edge device, for complete end-to-end device security. IoT Device Manager is built on DigiCert ONE, which enables rapid, automated PKI deployment as a customer-managed, on-premises or cloud solution, or managed by DigiCert for any environment.

DigiCert and Atea deliver a fully managed service for multiple types of digital certificate-based use cases
2020-11-25 01:00

DigiCert and Atea jointly announced a partnership to launch the new Atea Managed Certificate Service offering insight into certificate health, usage and endpoint vulnerabilities to ensure the best possible customer experience for secure communication. Delivered by Atea Managed Services and powered by core DigiCert CertCentral technology the new service includes the ability to automatically locate, identify, and track all certificates in use with 24/7 monitoring, management and renewals throughout any network and connected device environment.