SSL Certificate – Page 3 – WindowsTechs.com

Symantec API Flaws reportedly let attackers steal Private SSL Keys and Certificates

Posted on March 28, 2017 by Swati Khandelwal

A security researcher has disclosed critical issues in the processes and third-party API used by Symantec certificate resellers to deliver and manage Symantec SSL certificates.

The flaw, discovered by Chris Byrne, an information security consultant an… Continue reading Symantec API Flaws reportedly let attackers steal Private SSL Keys and Certificates→

Google Chrome to Distrust Symantec SSLs for Mis-issuing 30,000 EV Certificates

Posted on March 24, 2017 by Swati Khandelwal

Google announced its plans to punish Symantec by gradually distrusting its SSL certificates after the company was caught improperly issuing 30,000 Extended Validation (EV) certificates over the past few years.

The Extended Validation (EV) status of al… Continue reading Google Chrome to Distrust Symantec SSLs for Mis-issuing 30,000 EV Certificates→

Google becomes its own Root Certificate Authority

Posted on January 28, 2017 by Swati Khandelwal

In an effort to expand its certificate authority capabilities and build the “foundation of a more secure web,” Google has finally launched its root certificate authority.

In past few years, we have seen Google taking many steps to show its strong supp… Continue reading Google becomes its own Root Certificate Authority→

OpenSSL Releases Patch For “High” Severity Vulnerability

Posted on November 10, 2016 by Mohit Kumar

As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software.

The most serious of all is a heap-based buffer overflow bug (CVE-2016-7054) related to Transport Layer Security (TLS) connections using *-CHACHA20-POLY1305 cipher suites.

The vulnerability, reported by Robert Święcki of the Google Security Team on

Continue reading OpenSSL Releases Patch For “High” Severity Vulnerability→

Critical DoS Flaw found in OpenSSL — How It Works

Posted on September 23, 2016 by Swati Khandelwal

The OpenSSL Foundation has patched over a dozen vulnerabilities in its cryptographic code library, including a high severity bug that can be exploited for denial-of-service (DoS) attacks.

OpenSSL is a widely used open-source cryptographic library that… Continue reading Critical DoS Flaw found in OpenSSL — How It Works→

Chinese Certificate Authority ‘mistakenly’ gave out SSL Certs for GitHub Domains

Posted on August 29, 2016 by Swati Khandelwal

A Chinese certificate authority (CA) appeared to be making a significant security blunder by handing out duplicate SSL certificates for a base domain if someone just has control over its any subdomain.

The certificate authority, named WoSign, issued … Continue reading Chinese Certificate Authority ‘mistakenly’ gave out SSL Certs for GitHub Domains→