certificate – WindowsTechs.com

Emsisoft Tells Users to Update Products, Reboot Systems Due to Certificate Mishap

Posted on September 8, 2023 by Ionut Arghire

Emsisoft urges its users to update anti-malware and other security products after signing them with an improperly issued digital certificate.
The post Emsisoft Tells Users to Update Products, Reboot Systems Due to Certificate Mishap appeared first on S… Continue reading Emsisoft Tells Users to Update Products, Reboot Systems Due to Certificate Mishap→

Google Cloud Users Can Now Automate TLS Certificate Lifecycle

Posted on May 26, 2023 by Ionut Arghire

Google makes ACME API available to all Google Cloud users to allow them to automatically acquire and renew TLS certificates for free.
The post Google Cloud Users Can Now Automate TLS Certificate Lifecycle appeared first on SecurityWeek.
Continue reading Google Cloud Users Can Now Automate TLS Certificate Lifecycle→

Google Cloud Users Can Now Automate TLS Certificate Lifecycle

Posted on May 26, 2023 by Ionut Arghire

Malware Apps Signed with Compromised Android Platform Certificates

Posted on December 3, 2022 by Deeba Ahmed

By Deeba Ahmed
Hackers are using compromised platform certificates to sign Android malware apps.
This is a post from HackRead.com Read the original post: Malware Apps Signed with Compromised Android Platform Certificates
Continue reading Malware Apps Signed with Compromised Android Platform Certificates→

Understanding Certificate Policies and Practice Statements

Posted on July 23, 2021 by Harry Haramis

Public key infrastructure (PKI) is the sort of technology that most users take for granted. They use it every day in a variety of ways but most don’t even realize it. PKI manages the digital certificates that encrypt sensitive data, secures web browsi… Continue reading Understanding Certificate Policies and Practice Statements→

Keyfactor to Acquire PrimeKey to Advance Certificate Automation

Posted on April 16, 2021 by Michael Vizard

Keyfactor announced this week announced it intends to acquire PrimeKey as part of an effort to enable organizations to more easily manage certificates on an end-to-end basis. The company also revealed it has raised an additional $125 million in fundin… Continue reading Keyfactor to Acquire PrimeKey to Advance Certificate Automation→

Mimecast confirms SolarWinds attackers breached security certificate, ‘potentially exfiltrated’ credentials

Posted on January 26, 2021 by Sean Lyngaas

Email security firm Mimecast on Tuesday confirmed that the hackers behind the SolarWinds espionage campaign compromised a software certificate the firm uses to secure connections to Microsoft cloud services. The revelation underscores how deeply embedded the suspected Russian hackers have been in major technology companies as part of a campaign that has also breached multiple U.S. federal agencies. The hackers may have exfiltrated “certain encrypted service account credentials created by customers hosted” in the U.S. and the U.K., the new Mimecast statement reveals. The company said it wasn’t aware of the hackers decrypting or abusing any of the stolen credentials. But it still told its U.S. and U.K.-hosted customers to reset their credentials as a precaution. Mimecast, which says it has 39,000 customers around the world, offers an attractive target for spies looking to burrow into high-value organizations. A stolen software certificate of this type could allow an intruder to […]

The post Mimecast confirms SolarWinds attackers breached security certificate, ‘potentially exfiltrated’ credentials appeared first on CyberScoop.

Continue reading Mimecast confirms SolarWinds attackers breached security certificate, ‘potentially exfiltrated’ credentials→

Mimecast breach investigators probe possible SolarWinds connection

Posted on January 13, 2021 by Sean Lyngaas

Mimecast, a global email security provider, on Tuesday said that one of its software security certificates had been breached by a “sophisticated threat actor” in a targeted operation to access customer emails. London-based Mimecast has a sprawling footprint, claiming some 39,000 customers around the world. The company said 10% of its customers use the particular software implementation involved in the breach, adding that attackers apparently targeted “a low single-digit number” of customers. The illicit access would have allowed attackers to spy on Mimecast clients. The hackers’ methods, and the fact that they targeted Microsoft’s cloud-based email services, have parallels with a suspected Russian hacking campaign that has used tainted software made by contractor SolarWinds to breach multiple U.S. government agencies. A person familiar with the matter told CyberScoop that investigators are examining whether the same attackers who breached SolarWinds also infiltrated Mimecast, a detail first reported by Reuters. “As a […]

The post Mimecast breach investigators probe possible SolarWinds connection appeared first on CyberScoop.

Continue reading Mimecast breach investigators probe possible SolarWinds connection→

Let’s Encrypt Will Stop Working For Older Android Devices

Posted on December 1, 2020 by Lewin Day

Let’s Encrypt was founded in 2012, going public in 2014, with the aim to improve security on the web. The goal was to be achieved by providing free, automated access to SSL and TLS certificates that would allow websites to make the switch over to HTTPS without having to spend …read more

Continue reading Let’s Encrypt Will Stop Working For Older Android Devices→

What is Certificate Lifecycle Management?

Posted on November 25, 2020 by Patrick Grubbs

Using X.509 digital certificates for authentication is an immediate and significant upgrade to credential (password) authentication, but it requires proper support infrastructure. Certificate Lifecycle Management systems (CLM/CLMS), also called Certifi… Continue reading What is Certificate Lifecycle Management?→