Last week Kaspersky experts came across a piece of malware that was signed with a stolen digital certificate in order to avoid detection. If the security experts concentrated on the malware itself, other companies such as Venafi, the inventor of enterprise key and certificate management (EKCM) solutions, focused th... |
25 March 2012
05:51 GMT |
 |
|
Microsoft has removed a rogue SSL root certificate issued by DigiNotar from the list of trusted Windows root certificates in an effort designed to protect users of Internet Explorer from attacks impersonating Google online properties, including Gmail.
Dave Forstrom, director of Trustworthy Computing for Microsof... |
30 August 2011
09:11 GMT |
|
|
StartCom, one of the certification authorities trusted by browsers to issue SSL certificates has been breached earlier this month by attackers who tried to spoof high-profile websites.StartCom, which operates its SSL business as StartSSL, temporarily suspended the issuing of new certificates because of a security bre... |
21 June 2011
07:24 GMT |
|
|
A new mass phishing attack targeting Swiss credit card owners was seen using pages signed with a fake and expired SSL certificate.According to security researchers from Symantec, the attackers used a large number of domains pointing to the same IP address and server.The phishing page was signed with a certificate tha... |
26 February 2011
09:51 GMT |
|
|
A forged SSL certificate that could allow an attacker to trick users of IE, Safari or Chrome on Windows into thinking that a fake PayPal page is legitimate, has been publicly released. The cert exploits an yet-to-be-patched null byte poisoning vulnerability in Microsoft's CryptoAPI.A few months back, during the ... |
6 October 2009
05:57 GMT |
|
|
Three SSL implementation vulnerabilities, some of which were publicly disclosed during the Black Hat security conference, have been addressed in the new Mozilla Firefox 3.5.2 and 3.0.13 versions. Patches for Thunderbird and SeaMonkey, which are also vulnerable, will be released at a later date. The Black Hat Briefin... |
4 August 2009
05:00 GMT |
|
|
One in seven of all valid SSL certificates circulating on the Internet is signed using the weak MD5 algorithm, Netcraft reports. The vast majority of them are issued by RapidSSL, a certification authority acquired by VeriSign in 2006. Netcraft is a company based in England that offers IT security solutions. The compa... |
9 January 2009
05:16 GMT |
|
|
Find us on Google+
