Certificate

Google creates list of untrusted certificate authorities

Google creates list of untrusted certificate authorities

By

Google has instituted a blacklist of untrustworthy certificates for use in the company's browser Chrome.

Drown attack could break TLS for third of websites

Drown attack could break TLS for third of websites

By

A new vulnerability could kill a certain kind of encryption for plenty of websites. An OpenSSL update has been rushed out to fix major flaw.

Encryption increasingly used to hide attacks, says new report

Encryption increasingly used to hide attacks, says new report

By

Dell's new threat report adds further evidence to support the observation that attackers are increasingly hiding activity within HTTPS.

Let's Encrypt certificates issued for malvertising campaign

Let's Encrypt certificates issued for malvertising campaign

By

The generosity of the free TSL certificate non-profit, Let's Encrypt, has been abused by malvertising cyber-criminals

Dell ships laptops pre-vulnerable to man-in-the-middle attacks

Dell ships laptops pre-vulnerable to man-in-the-middle attacks

By

Dell reported that it has been shipping Inspiron 14 laptops since August that inadvertently contained the security certificate, eDellRoot, that essentially gives hackers complete access to the system.

Symantec purges employees after unauthorised use of Google SSL certificates

Symantec purges employees after unauthorised use of Google SSL certificates

By

Symantec have fired several staff members after they created unauthorised and potentially malicious Google SSL certificates

Ashley Madison's source code reveals poor security practices

Ashley Madison's source code reveals poor security practices

By

Security credentials hard coded into repositories could have helped hackers, according to research by security consultant Gabor Szathmari.

CESG forced to pull HTTPS website as SSL certificate gets revoked

CESG forced to pull HTTPS website as SSL certificate gets revoked

By

CESG, the information arm of GCHQ, was forced to take down its HTTPS website earlier this week after the organisation's SSL digital certificate was revoked.

UK firms at risk from attacks on crypto keys, digital certificates

UK firms at risk from attacks on crypto keys, digital certificates

By

A joint study from Venafi and the Ponemon Institute reveals that digital keys and certificates are in peril, especially at UK organisations.

Vormetric launches new Vault certificate and key solution

By

Vormetric has launched a storage solution for the protection and management of digital certificates, encryption keys and password files.

Venafi: CAs are not wholly to blame for certificate-based attacks

Venafi: CAs are not wholly to blame for certificate-based attacks

By

Attacks within the certificate infrastructure are due to mismanagement rather than attacks on certificate authorities (CAs).

TurkTrust re-emphasises that there was not a security breach

TurkTrust re-emphasises that there was not a security breach

By

Turkish certificate authority (CA) TurkTrust has denied that there was any attack, "malevolence, fraud or any other crime factor" on it resulting in the issuing of fraudulent certificates.

Fraudulent certificates from CA TurkTrust leads to browsers revoking trust

Fraudulent certificates from CA TurkTrust leads to browsers revoking trust

By

The fraudulent issuing of certificates from a Turkish certificate authority (CA) has led to major web browsers revoking trust.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US