Security News

DigiCert Enterprise PKI Manager supports security for remote workforces
2020-11-20 02:45

Enterprise PKI Manager in DigiCert ONE from DigiCert supports security for today's increasingly remote workforces via certificate automation to authenticate employees and their devices at scale, and encrypt data. Enterprise PKI Manager makes it easy for organizations to manage and use digital certificates to secure all employees, devices and data that connect to the network, and it can be deployed as a customer-managed on-premises or cloud solution, or managed by DigiCert.

DigiCert Automation Gateway: Securely monitor, automate and process certificate lifecycle events
2020-08-05 00:15

DigiCert Automation Gateway launches with integration into DigiCert CertCentral in Q4. This new automation approach is designed to accelerate the adoption of automated certificate issuance, renewal, reissuance and revocation by tackling some of the common concerns with existing offerings. Automation Gateway will provide organizations the confidence to widely deploy automation protocols within their company networks to provide greater agility.

DigiCert IoT Device Manager: New features and capabilities to drive 5G transformation
2020-07-27 00:30

DigiCert has announced a robust set of features and capabilities in DigiCert IoT Device Manager that enable telecommunications providers to deploy 5G network services to cloud environments while maintaining security, compliance and performance. Hosted on the DigiCert ONE platform, IoT Device Manager provides support for strong authentication in dynamic, cloud-native environments, as well as scalability and operational integrity.

Digicert revokes a raft of web security certificates
2020-07-13 14:36

Digicert is one of the Big Five commercial CAs, short for certificate authorities - companies that sign and vouch for the digital certificates that put the the S in HTTPS and the padlock in your browser's address bar. The simplest form of web certificate is called self-signed, and anyone can create a self-signed certificate in seconds that claims to represent any web property they like.

Digicert will shovel some 50,000 EV HTTPS certificates into the furnace this Saturday after audit bungle
2020-07-10 00:29

A notice emitted by the certificate biz explained that a number of its intermediate certificate authorities had issued EV certs to customers despite not being included in DigiCert's WebTrust audits - which goes against the rules for EV certs. "Although there is no security threat, the EV Guidelines require that we revoke EV certificates signed by the affected ICAs by July 11, 2020 at 12pm MDT.".

DigiCert named 2020 Global Company of the Year in TLS certificate market by Frost & Sullivan
2020-05-22 08:01

Frost & Sullivan recognizes DigiCert with the 2020 Global Company of the Year Award, based on its recent analysis of the global TLS certificate market. "Leveraging its superior technology, customizing it to regional markets and building a best-in-class customer support system, DigiCert has captured the business of 89% of the Fortune 500 companies and the world's most recognized brands," said Swetha Krishnamoorthi, Industry Analyst at Frost & Sullivan.

Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability
2020-05-06 01:18

Days after cybersecurity researchers sounded the alarm over two critical vulnerabilities in the SaltStack configuration framework, a hacking campaign has already begun exploiting the flaws to breach servers of LineageOS, Ghost, and DigiCert. In a separate development, the Salt vulnerability was used to hack into DigiCert certificate authority as well.

Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability
2020-05-06 01:18

Days after cybersecurity researchers sounded the alarm over two critical vulnerabilities in the SaltStack configuration framework, a hacking campaign has already begun exploiting the flaws to breach servers of LineageOS, Ghost, and DigiCert. In a separate development, the Salt vulnerability was used to hack into DigiCert certificate authority as well.

More Salt in their wounds: DigiCert hit as hackers wriggle through (patched) holes in buggy config tool
2020-05-05 08:15

For clarity, Digicert CT log 2 was deemed unsafe due the vulnerability. Writing in a forum for Certificate Transparency, DigitCert veep of business development, Jeremy Rowley assured users that "All other DigiCert CT logs are uneffected [sic] as they run on separate infrastructure."

Recent Salt Vulnerabilities Exploited to Hack LineageOS, Ghost, DigiCert Servers
2020-05-04 09:00

Over the past several days, hackers have exploited two recently disclosed Salt vulnerabilities to compromise the servers of LineageOS, Ghost and DigiCert. Last week, F-Secure security researchers disclosed two vulnerabilities in Salt that could allow remote attackers to execute commands as root on "Master" and connected minions.