certificate – Page 2 – WindowsTechs.com

Mimecast breach investigators probe possible SolarWinds connection

Posted on January 13, 2021 by Sean Lyngaas

Mimecast, a global email security provider, on Tuesday said that one of its software security certificates had been breached by a “sophisticated threat actor” in a targeted operation to access customer emails. London-based Mimecast has a sprawling footprint, claiming some 39,000 customers around the world. The company said 10% of its customers use the particular software implementation involved in the breach, adding that attackers apparently targeted “a low single-digit number” of customers. The illicit access would have allowed attackers to spy on Mimecast clients. The hackers’ methods, and the fact that they targeted Microsoft’s cloud-based email services, have parallels with a suspected Russian hacking campaign that has used tainted software made by contractor SolarWinds to breach multiple U.S. government agencies. A person familiar with the matter told CyberScoop that investigators are examining whether the same attackers who breached SolarWinds also infiltrated Mimecast, a detail first reported by Reuters. “As a […]

The post Mimecast breach investigators probe possible SolarWinds connection appeared first on CyberScoop.

Continue reading Mimecast breach investigators probe possible SolarWinds connection→

Let’s Encrypt Will Stop Working For Older Android Devices

Posted on December 1, 2020 by Lewin Day

Let’s Encrypt was founded in 2012, going public in 2014, with the aim to improve security on the web. The goal was to be achieved by providing free, automated access to SSL and TLS certificates that would allow websites to make the switch over to HTTPS without having to spend …read more

Continue reading Let’s Encrypt Will Stop Working For Older Android Devices→

What is Certificate Lifecycle Management?

Posted on November 25, 2020 by Patrick Grubbs

Using X.509 digital certificates for authentication is an immediate and significant upgrade to credential (password) authentication, but it requires proper support infrastructure. Certificate Lifecycle Management systems (CLM/CLMS), also called Certifi… Continue reading What is Certificate Lifecycle Management?→

[SANS ISC] Quick Status of the CAA DNS Record Adoption

Posted on October 30, 2020 by Xavier

I published the following diary on isc.sans.edu: “Quick Status of the CAA DNS Record Adoption“: In 2017, we already published a guest diary about “CAA” or “Certification Authority Authorization”. I was curious about the status of this technique and the adoption level in 2020. Has it been adopted massively since

The post [SANS ISC] Quick Status of the CAA DNS Record Adoption appeared first on /dev/random.

Continue reading [SANS ISC] Quick Status of the CAA DNS Record Adoption→

Why Web Browser Padlocks Shouldn’t Be Trusted

Posted on September 29, 2020 by Tom Spring

Popular ‘safe browsing’ padlocks are now passe as a majority of bad guys also use them. Continue reading Why Web Browser Padlocks Shouldn’t Be Trusted→

FortiGate VPN Default Config Allows MitM Attacks

Posted on September 25, 2020 by Tara Seals

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Continue reading FortiGate VPN Default Config Allows MitM Attacks→

Ask Hackaday: What Can Be Done with Your Bootlooping Blu-Ray?

Posted on June 26, 2020 by Lewin Day

Last Friday, thousands of owners of Samsung Blu Ray players found that their home entertainment devices would no longer boot up. While devices getting stuck in a power-cycling loop is not uncommon, this case stands out as it affected a huge range of devices all at the same time. Samsung’s …read more

Continue reading Ask Hackaday: What Can Be Done with Your Bootlooping Blu-Ray?→

Let’s Encrypt Says It Will Revoke 3M Certificates Due to Software Bug

Posted on March 4, 2020 by David Bisson

Non-profit certificate authority (CA) Let’s Encrypt announced it will revoke more than three million digital certificates due to a software bug. On March 3, Let’s Encrypt revealed its plan to revoke 3,048,289 currently-valid certificates. T… Continue reading Let’s Encrypt Says It Will Revoke 3M Certificates Due to Software Bug→

Apple Goes Rogue, Drops Unilateral TLS Certificate Guillotine

Posted on February 24, 2020 by Richi Jennings

Safari will no longer trust certificates that last longer than 13 months. Yes, you read that right; IT and DevOps are spitting blood.
The post Apple Goes Rogue, Drops Unilateral TLS Certificate Guillotine appeared first on Security Boulevard.
Continue reading Apple Goes Rogue, Drops Unilateral TLS Certificate Guillotine→

Forgot to Renew Your TLS Certificate, Microsoft?

Posted on February 4, 2020 by Richi Jennings

Microsoft Teams went dark for seven hours yesterday. It turns out the Teams team forgot to renew a TLS certificate.
The post Forgot to Renew Your TLS Certificate, Microsoft? appeared first on Security Boulevard.
Continue reading Forgot to Renew Your TLS Certificate, Microsoft?→