certificates
Google catches India with fake certificates
As the world becomes more dependent, and some might say blindly so, on digital certificates it’s only natural that attackers will seek to circumvent this trust. Whether …
Researchers find, analyze forged SSL certs in the wild
A group of researchers from Carnegie Mellon University and Facebook has managed to get a concrete sense of just how prevalent SSL man-in-the-middle attacks using forged SSL …
Mozilla offers $10,000 for bugs in its new cert verification library
In the wake of the recent discoveries of the Heartbleed OpenSSL bug and the SSL “gotofail” bug, Mozilla has announced a new and topical bug bounty program: it …
Product pitch: DigiCert Certificate Inspector
SSL Certificates serve as the security backbone of the internet, securing billions of interactions annually. Yet, too often, system administrators fail to properly configure …
Qualys introduces Continuous Monitoring cloud service
Qualys introduced Continuous Monitoring, the most recent addition to its QualysGuard Cloud Platform, at the RSA Conference in San Francisco. This new offering gives …
Identify and fix vulnerabilities in your SSL certificates
DigiCert announced DigiCert Certificate Inspector, a tool designed to quickly find problems in certificate configuration and implementation, and provide real-time analysis of …
Fake SSL certificates used to impersonate Facebook, Google, banks
Analysts with UK-based Internet research firm Netcraft have discovered a considerable number of fake SSL certificates in the wild, created to impersonate banks, social …
Resurgence of malware signed with stolen certificates
Since 2009, variants of the Winwebsec rogue AV family have been trying to trick users into believing their computer has been infected and into paying for …
Opera developers explain why malicious “update” wasn’t detected
Opera Software has finally come out with more details about the recent compromise of its internal infrastructure, the theft of an expired code signing certificate, and the …
Opera infrastructure compromised, users hit with malicious update
A breach of the Opera Software internal infrastructure has resulted in the theft of an expired Opera code signing certificate and used it to sign a piece of malware, package …
Plugging the trust gap
Every business and government is dependent upon cryptographic keys and certificates to provide trust for critical communications. These trust technologies underpin the modern …
Malicious Java applet uses stolen certificate to run automatically
A signed but malicious applet that will apparently fool even the latest Java 6 update has been discovered on a German online dictionary website infected by the g01pack exploit …
Featured news
Resources
Don't miss
- Autoswagger: Open-source tool to expose hidden API authorization flaws
- Why outsourcing cybersecurity is rising in the Adriatic region
- Microsoft rolls out Windows 11 “quick recovery” feature
- Maximum severity Cisco ISE vulnerabilities exploited by attackers
- Phishing campaign targets U.S. Department of Education’s G5 portal