Search results for: Let's Encrypt

Bill Tolson

While governments pass privacy laws, companies struggle to change

Government agencies keep making new privacy rules while end users fall victim to malpractice and scams. Bill Tolson, VP of Compliance and eDiscovery at Archive360, has spent many years consulting with regulators and advising businesses on concrete steps to enhance data privacy. In this Help Net Security interview, he discusses how organizations should ensure privacy is built into the design process, cybersecurity investments for better privacy, and much more. What practical steps should companies follow … More


cert-manager: Automatically provision and manage TLS certificates in Kubernetes

cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those certificates. It can issue certificates from a variety of supported sources, including Let’s Encrypt, HashiCorp Vault, and Venafi as well as private PKI, and it ensures certificates remain valid and up to date, attempting to renew certificates at an appropriate time before expiry. The solution is available on GitHub under an Apache-2.0 license. … More


EV certificate usage declining: Is the internet becoming more secure?

Driven by the acceleration of digital transformation and cloud migration during the pandemic, the analysis of the world’s top 1 million sites over the last 18 months shows that in many ways, the internet is becoming more secure. Use of encryption is increasing and the adoption of newer TLS protocols is rising, a Venafi report reveals. However, despite the adoption of stronger encryption protocols, many companies continue to use legacy RSA encryption algorithms to generate … More

Patch Tuesday

Microsoft patches actively exploited zero-day (CVE-2021-36948), more Print Spooler flaws

Microsoft’s August 2021 Patch Tuesday is pretty lightweight, though it covers a wide variety of Microsoft solutions. 44 CVE-numbered security holes have been plugged, seven of which are critical, and one is actively exploited (CVE-2021-36948). Fixed vulnerabilities of note Let’s start with the zero-day. CVE-2021-36948 is a vulnerability in the Windows Update Medic Service that can be exploited by attackers to escalate privileges on a compromised system (and misuse them to do things like create … More


Why cybersecurity products always defy traditional user reviews

I read with interest the latest batch of evaluation data from MITRE on various endpoint solutions, this time focusing on the detection, response and containment of these various solutions against malware created by FIN7 and CARBANAK threat groups. While academically interesting, it illustrates the difficulty in giving reviews to cybersecurity products in the endpoint protection category and trying to attribute a “best” label to a specific product in a specific category (be it endpoint or … More

Proxmox Mail Gateway 6.4: Protects orgs from spam, viruses, Trojans, and phishing emails

Enterprise software developer Proxmox Server Solutions GmbH has released Proxmox Mail Gateway 6.4, the latest version of its open-source email security solution. Proxmox Mail Gateway is a complete operating system based on Debian Buster 10.9, but using Linux kernel 5.4.106, which is under long-term support (LTS) status. The anti-spam and anti-virus filtering solution from Proxmox functions as a full-featured mail proxy that is deployed between the firewall and the internal mail server. It … More


Protecting corporate data in popular cloud-based collaborative apps

Cloud adoption has grown at an astonishing rate, providing organizations with the freedom to store data in numerous cloud applications that meet their specific business demands. Additionally, migrating to the cloud gives employees the ability to access work material from anywhere and anytime. This increases productivity by allowing employees to collaborate remotely with applications like G Suite, Office 365, Salesforce, and Slack (to name a few). While utilizing these cloud apps provides flexibility and cost … More


DNS over HTTPS misuse or abuse: How to stay secure

Firefox and Chrome have recently begun supporting external DNS resolvers in the cloud. The use of these DNS services bypasses controls that enterprise IT organizations put in place to prevent end users from visiting unauthorized Internet destinations. Compounding the issue is that certain operating systems and browsers use new encryption technologies – DNS over TLS (DoT) and DNS over HTTPS (DoH) – in the query response handshake with these unauthorized DNS services that make them … More

threat intelligence

What is open threat intelligence and what is driving it?

In this podcast recorded at RSA Conference 2020, Todd Weller, Chief Strategy Officer at Bandura Cyber, discusses the modern threat intelligence landscape and the company’s platform. The Bandura Cyber Threat Intelligence Protection Platform: Aggregates IP and domain threat intelligence from multiple sources including leading commercial providers, open source, government, and industry sources. Integrates IP and domain threat intelligence from any source in real time including from Threat Intelligence Providers & Platforms (TIPs), SIEMs, SOARs, endpoint, … More

Let's Encrypt

Let’s Encrypt will revoke 3m+ TLS/SSL certificates

Starting at 20:00 UTC (3:00pm US EST) today (March 4), the non-profit certificate authority Let’s Encrypt will begin its effort to revoke a little over 3 million TLS/SSL certificates that it issued while a bug affected its CA software. Preliminary investigation suggests the bug was introduced on July 25, 2019, but a more detailed investigation is under way – though, for now, it seems that “it’s not likely that there was any significant mis-issuance as … More

ManageEngine launches PAM360, a privileged access security solution for enterprise IT

ManageEngine, the IT management division of Zoho Corporation, announced the launch of PAM360, a complete privileged access security solution for IT security teams. Available immediately, PAM360 offers enterprise-grade capabilities in privileged access governance, including just-in-time controls and privileged user behavior analytics (PUBA), to provide CISOs and cybersecurity executives holistic visibility of their privileged access security. Monitoring and regulating access to privileged accounts are critical to enterprise security. In fact, Forrester estimates that compromised privileged credentials … More

IOTA develops Trinity, a secure software wallet for IOTA tokens

IOTA Foundation, a non-profit foundation focused on distributed ledger technology (DLT) and open-source ecosystem development, announced the release of Trinity, a secure software wallet for IOTA tokens, developed by the IOTA Foundation. With over $1.8 billion of IOTA transacted and over 160,000 downloads across platforms, the Trinity wallet has already been used widely in beta. The full release of the Trinity wallet is now available for mobile and desktop platforms, including Mac, Windows, Linux, iOS … More