certificates
Critical SSL flaw patched in Firefox, Thunderbird, Chrome
If you are a Mozilla Firefox, Thunderbird or Seamonkey user, you should implement the latest patches issued by the company as soon as possible, as they fix a critical bug …
Interest for SSL and PKI on the rise
The surge in the number of data breaches and recent security bugs such as Heartbleed has generated strong interest in digital certificates and technologies, including SSL and …
Google catches India with fake certificates
As the world becomes more dependent, and some might say blindly so, on digital certificates it’s only natural that attackers will seek to circumvent this trust. Whether …
Researchers find, analyze forged SSL certs in the wild
A group of researchers from Carnegie Mellon University and Facebook has managed to get a concrete sense of just how prevalent SSL man-in-the-middle attacks using forged SSL …
Mozilla offers $10,000 for bugs in its new cert verification library
In the wake of the recent discoveries of the Heartbleed OpenSSL bug and the SSL “gotofail” bug, Mozilla has announced a new and topical bug bounty program: it …
Product pitch: DigiCert Certificate Inspector
SSL Certificates serve as the security backbone of the internet, securing billions of interactions annually. Yet, too often, system administrators fail to properly configure …
Qualys introduces Continuous Monitoring cloud service
Qualys introduced Continuous Monitoring, the most recent addition to its QualysGuard Cloud Platform, at the RSA Conference in San Francisco. This new offering gives …
Identify and fix vulnerabilities in your SSL certificates
DigiCert announced DigiCert Certificate Inspector, a tool designed to quickly find problems in certificate configuration and implementation, and provide real-time analysis of …
Fake SSL certificates used to impersonate Facebook, Google, banks
Analysts with UK-based Internet research firm Netcraft have discovered a considerable number of fake SSL certificates in the wild, created to impersonate banks, social …
Resurgence of malware signed with stolen certificates
Since 2009, variants of the Winwebsec rogue AV family have been trying to trick users into believing their computer has been infected and into paying for …
Opera developers explain why malicious “update” wasn’t detected
Opera Software has finally come out with more details about the recent compromise of its internal infrastructure, the theft of an expired code signing certificate, and the …
Opera infrastructure compromised, users hit with malicious update
A breach of the Opera Software internal infrastructure has resulted in the theft of an expired Opera code signing certificate and used it to sign a piece of malware, package …
Featured news
Resources
Don't miss
- Okta users under attack: Modern phishing kits are turbocharging vishing attacks
- One-time SMS links that never expire can expose personal data for years
- More employees get AI tools, fewer rely on them at work
- Energy sector orgs targeted with AiTM phishing campaign
- Exposed training apps are showing up in active cloud attacks