certificates
Another root CA cert with key found on Dell’s machines
The main piece of news on Monday was that Dell’s desktop PCs and laptops shipped since August 2015 contain a root CA certificate (eDellRoot) complete with the private …
Dell shipped computers with root CA cert, private crypto key included
All desktop and laptops shipped by Dell since August 2015 contain a root CA certificate (eDellRoot) complete with the private cryptographic key for it, opening users to the …
Sale of legitimate code-signing certs booms on darknet markets
In the underground cybercrime economy, many players have specialized in one or two skills and services. It should come as no surprise, then, that some have become experts at …
With unprotected keys and certificates, businesses lose customers
Unprotected and poorly managed keys and certificates result in a loss of customers, costly outages, failed audits, and security breaches, according to The Ponemon Institute …
Symantec fires employees who issued rogue Google certificates
Symantec has fired several employees that have been involved in the issuing of rogue certificates for some Google domains.“We learned on Wednesday that a small number of …
D-Link accidentally leaks code-signing certs in its firmware
Malware peddlers don’t always have to steal or buy (from sellers on underground forums) legitimate and valid code-signing certificates to sign their malware with – …
Security pros acknowledge risks from untrusted certificates but take no action
A Venafi survey of 300 Black Hat USA 2015 attendees reveals that most IT security professionals understand and acknowledge the risks associated with untrustworthy certificates …
Stolen Foxconn certs used to sign malware used in Kaspersky Lab attack
“After last week’s revelation that their corporate network has been hit by APT actors wielding a newer version of the infamous, Stuxnet-related Duqu attack …
Lenovo makes new critical security mistakes
After the Superfish debacle earlier this year, Lenovo’s security practices have once again been found lacking as researchers have discovered several vulnerabilities in …
Mozilla revokes trust for CNNIC certificates
Mozilla has joined Google in revoking trust for certificates issued by the China Internet Network Information Center (CNNIC) Certificate Authority. CNNIC is the administrative …
Google decides to stop trusting CNNIC certificates
In the wake of last week’s incident caused by the issuance of unauthorized digital certificates for a number of Google domains by the hands of MCS Holdings, an …
How to wipe Superfish adware and offending cert from your Lenovo laptop
After the recent revelation that Lenovo has been shipping some of it laptops with pre-installed adware that’s also breaking the security of secure connections by using …
Featured news
Sponsored
Don't miss
- Applying DevSecOps principles to machine learning workloads
- Overcoming GenAI challenges in healthcare cybersecurity
- 25 cybersecurity AI stats you should know
- Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
- PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)