certificates
With unprotected keys and certificates, businesses lose customers
Unprotected and poorly managed keys and certificates result in a loss of customers, costly outages, failed audits, and security breaches, according to The Ponemon Institute …
Symantec fires employees who issued rogue Google certificates
Symantec has fired several employees that have been involved in the issuing of rogue certificates for some Google domains.“We learned on Wednesday that a small number of …
D-Link accidentally leaks code-signing certs in its firmware
Malware peddlers don’t always have to steal or buy (from sellers on underground forums) legitimate and valid code-signing certificates to sign their malware with – …
Security pros acknowledge risks from untrusted certificates but take no action
A Venafi survey of 300 Black Hat USA 2015 attendees reveals that most IT security professionals understand and acknowledge the risks associated with untrustworthy certificates …
Stolen Foxconn certs used to sign malware used in Kaspersky Lab attack
“After last week’s revelation that their corporate network has been hit by APT actors wielding a newer version of the infamous, Stuxnet-related Duqu attack …
Lenovo makes new critical security mistakes
After the Superfish debacle earlier this year, Lenovo’s security practices have once again been found lacking as researchers have discovered several vulnerabilities in …
Mozilla revokes trust for CNNIC certificates
Mozilla has joined Google in revoking trust for certificates issued by the China Internet Network Information Center (CNNIC) Certificate Authority. CNNIC is the administrative …
Google decides to stop trusting CNNIC certificates
In the wake of last week’s incident caused by the issuance of unauthorized digital certificates for a number of Google domains by the hands of MCS Holdings, an …
How to wipe Superfish adware and offending cert from your Lenovo laptop
After the recent revelation that Lenovo has been shipping some of it laptops with pre-installed adware that’s also breaking the security of secure connections by using …
Gogo in-flight WiFi service serves fliers fake Google certs
Gogo, a noted provider of in-flight broadband Internet service, has been spotted serving a fake Google SSL certificate to fliers trying to access YouTube, effectively …
Flawed reused code opens zero-day in Cyanogenmod
An unnamed security researcher says that Cyanogenmod, the popular Android-based mobile OS, sports a zero-day vulnerability that can be misused to target users with …
HP to revoke certificate that was used to signed malware
HP has announced to its customers that it will soon revoke a specific private digital certificate that they used to sign some software components that ship with some of its …
Featured news
Resources
Don't miss
- Exposed training apps are showing up in active cloud attacks
- Unbounded AI use can break your systems
- Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?
- RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)
- RansomHub claims alleged breach of Apple partner Luxshare