certificates
Code signing keys and certificates are crucial security assets, are you protecting them?
Only 28 percent of organizations consistently enforce a defined security process for code signing certificates, a Venafi study of over 320 security professionals in the U.S., …
PII capturing websites still applying poor security measures one year after GDPR
One year after the EU General Data Protection Regulation (GDPR) went into effect, 1 in 10 PII capturing websites belonging to the top 10 UK financial services organizations …
CIOs admit certificate-related outages routinely impact critical business applications and services
Certificate-related outages harm the reliability and availability of vital network systems and services while also being extremely difficult to diagnose and remediate. …
Cybercriminals are increasingly using encryption to conceal and launch attacks
In this Help Net Security podcast, Deepen Desai, VP Security Research & Operations at Zscaler, talks about the latest Zscaler Cloud Security Insight Report, which focuses …
Attackers compromised ASUS to deliver backdoored software updates
Unknown attackers have compromised an update server belonging to Taiwanese computer and electronics maker ASUS and used it to push a malicious backdoor on a huge number of …
Sale of SSL/TLS certificates on the dark web is rampant
There is no dearth of compromised, fake and forged SSL/TLS certificates for sale on dark web markets, researchers have found. TLS certificates are sold individually and …
74% of organizations face outages due to expired certificates
As information security budgets grow and funds are allocated to protect the defensive perimeter, many companies have overlooked the critical importance of digital certificate …
Google also abused its Apple developer certificate to collect iOS user data
It turns out that Google, like Facebook, abused its Apple Enterprise Developer Certificate to distribute a data collection app to iOS users, in direct contravention of …
A final call for replacing security certificates using Symantec roots
Help Net Security sat down with Jeremy Rowley, Executive Vice President of Product at DigiCert. He leads the company’s product development teams serving its TLS and digital …
Explosion of look-alike domains aims to steal sensitive data from online shoppers
Venafi released research on the explosion of look-alike domains, which are routinely used to steal sensitive data from online shoppers. Venafi’s research analyzed suspicious …
Organizations apply stronger PKI security controls due to their increasingly critical role
The Internet of Things is the fastest growing trend driving the deployment of applications that use public key infrastructure as evidenced by the Thales 2018 Global PKI Trends …
Underground vendors can reliably obtain code signing certificates from CAs
More and more malware authors are switching to buying new, valid code signing certificates issued by Certificate Authorities instead of using stolen (compromised) ones, …
Featured news
Sponsored
Don't miss
- Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955)
- Debunking compliance myths in the digital era
- How CISOs tackle business payment fraud
- AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)
- Attackers leverage weaponized iMessages, new phishing-as-a-service platform