certificates

UK banking customers targeted with Retefe Trojan with MitM capabilities
UK users are the latest targets of cyber crooks leveraging the Retefe banking Trojan and a rogue root certificate. The malware is out to steal online banking credentials of …

After issuing 1.7M certificates, Let’s Encrypt CA officially leaving beta
Let’s Encrypt, the non-profit Certificate Authority (CA) backed by the Electronic Frontier Foundation, Mozilla, Cisco, Akamai, and others, is ready to be considered a …

Million-plus sites hosted on WordPress.com get free SSL
Friday brought some very good news for existing and future owners of sites hosted on WordPress.com: they will be getting HTTPS protection without having to pay for an SSL …

Pirated App Store client for iOS found on Apple’s App Store
An app called 开心日常英语 (“Happy Daily English”), which has been offered for download via Apple’s official App Store, has been revealed to be a fully functional …

Microsoft will stop trusting certificates from 20 Certificate Authorities
Starting on January 2016, Microsoft’s Trusted Root Certificate Program will no longer include twenty currently trusted CAs and will remove their root certificates …
Windows machines stop trusting Dell’s two unconstrained root CA certs
Microsoft has updated the Certificate Trust list for all supported releases of Microsoft Windows so that the two digital certificates (complete with inadvertently disclosed …
More than 900 embedded devices share hard-coded certs, SSH host keys
Embedded devices of some 50 manufacturers has been found sharing the same hard-coded X.509 certificates (for HTTPS) and SSH host keys, a fact that can be exploited by a …
Another root CA cert with key found on Dell’s machines
The main piece of news on Monday was that Dell’s desktop PCs and laptops shipped since August 2015 contain a root CA certificate (eDellRoot) complete with the private …
Dell shipped computers with root CA cert, private crypto key included
All desktop and laptops shipped by Dell since August 2015 contain a root CA certificate (eDellRoot) complete with the private cryptographic key for it, opening users to the …
Sale of legitimate code-signing certs booms on darknet markets
In the underground cybercrime economy, many players have specialized in one or two skills and services. It should come as no surprise, then, that some have become experts at …
With unprotected keys and certificates, businesses lose customers
Unprotected and poorly managed keys and certificates result in a loss of customers, costly outages, failed audits, and security breaches, according to The Ponemon Institute …
Symantec fires employees who issued rogue Google certificates
Symantec has fired several employees that have been involved in the issuing of rogue certificates for some Google domains.“We learned on Wednesday that a small number of …
Featured news
Resources
Don't miss
- Autoswagger: Open-source tool to expose hidden API authorization flaws
- Why outsourcing cybersecurity is rising in the Adriatic region
- Microsoft rolls out Windows 11 “quick recovery” feature
- Maximum severity Cisco ISE vulnerabilities exploited by attackers
- Phishing campaign targets U.S. Department of Education’s G5 portal