Please turn on your JavaScript for this page to function normally.
Windows certificate
Underground vendors can reliably obtain code signing certificates from CAs

More and more malware authors are switching to buying new, valid code signing certificates issued by Certificate Authorities instead of using stolen (compromised) ones, …

Qualys CertView
Make certificate visibility and security a part of your overall security program

In this podcast recorded at RSA Conference 2018, Asif Karel, Director of Product Management at Qualys, illustrates why certificate visibility and security should not just be …

certificate
Counterfeit digital certificates for sale on underground forums

Signing malicious code with valid digital certificates is a helpful trick used by attackers to maximize the odds that malware won’t be flagged by antivirus solutions and …

reddit bad
Realistic, well-positioned Reddit clone is out to grab users’ login credentials

A convincing clone of the popular social news aggregation and discussion site Reddit has been spotted on the reddit.co domain. The author is obviously counting on users not to …

Microsoft
Microsoft plugs 56 vulns, including Office flaw exploited in attacks

As part of the January 2018 Patch Tuesday, Microsoft has released fixes for 56 CVE-listed vulnerabilities, including the Meltdown and Spectre flaws, and an Office bug actively …

certificate
How much do criminals pay for certificates on the dark web?

The Cyber Security Research Institute (CSRI) conducted a six-month investigation into the sale of digital code signing certificates on the dark web. The research uncovered …

https
Making HTTPS phishing sites easier to spot

For years, we taught users that a website’s URL that includes https at its very beginning is a relatively good indicator of whether they can safely input sensitive …

Symantec
Google to sanction Symantec for misissuing security certificates

In a post on a developers’ forum, software engineer on the Google Chrome team Ryan Sleevi has announced Google’s plan to start gradually distrust all existing …

lock
Automating PKI for the IoT platform

In this podcast recorded at RSA Conference 2017, Jeremy Rowley, Executive VP of Emerging Markets at DigiCert, talks about automating PKI for IoT platform and building scalable …

structure
New attack sounds death knell for widely used SHA-1 crypto hash function

SHA-1 is definitely, provenly dead, as a group of researchers from CWI Institute in Amsterdam and Google have demonstrated the first practical technique for generating a …

certificate
Scale, frequency and causes of certificate-related outages

Certificate-related outages negatively impact the reliability and availability of vital systems and services, according to Venafi. ‚ÄúCertificates and keys are identity and …

Google
Google launches its own Root Certificate Authority

Google is known for slipping fingers in many pies, so it should not come as a surprise that it has opted for starting its own Root Certificate Authority. With the increased …

Don't miss

Cybersecurity news