According to a recent paper, threat actors are abusing the code signing process associated with public key infrastructure and evading antivirus detection.
Despite significant progress in the area of security certificates, many organizations still suffer preventable outages, according to a recent study.
Digital certificates are used to authenticate both sides of a browser connection. It's a good first step, but certificates do not assure absolute trust.
According to new guidelines, as of September 2017 SSL certificates will have to be checked against a dataset before they can be issued.
In response to alleged violations, Google announced that its Chrome web browser will not trust an SSL certificate from Symantec for more than 279 days.
Google launched its own root certificate authority as part of a push to implement the secure web protocol HTTPS across all its services and products.
GoDaddy had a SSL certificate security problem. A flawed authentication protocol caused the site to revoke 9,000 SSL certificates.
Some of the biggest names in the web browser game — namely, Google, Microsoft and Mozilla — plan to stop accepting insecure SHA-1 certificates in 2017.
First organized in 2005, The CA/Browser Forum is a voluntary group of certification authorities (CAs), vendors of internet browser software and suppliers of other applications that use X.509 v.3 digital certificates for SSL/TLS and code signing. In...
Web browsers are moving away from SHA-1 digital certificates, and organizations need to make sure they are in line with more secure measures.