News

pki

Article | 18/03/2013 Internal-use SSL certificates pose security risk for upcoming domain extensions
The practice of issuing SSL certificates for internal domain names with unqualified extensions could endanger the privacy and integrity of HTTPS commu...
Article | 14/03/2013 Researchers resurrect and improve CRIME attack against SSL
Two researchers from security firm Imperva have devised new techniques that could allow attackers to extract sensitive information from users' encrypt...
Article | 11/03/2013 Lack of HTTPS on iOS App Store left users open to attacks, researcher says
Until late January, Apple's App Store servers did not encrypt all communications with iOS clients, which exposed users to several potential attacks, a...
Article | 5/03/2013 Cybercriminals using digitally signed Java exploits to trick users
Security researchers warn that cybercriminals have started using Java exploits signed with digital certificates to trick users into allowing the malic...
Article | 21/02/2013 New Silent Text app for iOS allows encrypted file transfers with self-destruct option
Silent Circle, a startup company that provides encrypted mobile communication services, released a new version of its Silent Text app for iOS that all...
Article | 19/02/2013 Mozilla changes policy to limit risk of subordinate CA certificate abuse
Mozilla is taking steps to limit the risk of powerful subordinate Certificate Authority (CA) certificates falling into the hands of attackers and pote...
Article | 14/02/2013 Certificate Authorities form group to push for better certificate-revocation checking
Several Certificate Authorities (CAs) have formed an advocacy group called the Certificate Authority Security Council (CASC), which will focus on prom...
Article | 23/01/2013 Mega responds to security concerns; promises some changes
Representatives of newly launched file-storage and sharing service Mega addressed some of the concerns raised by security researchers in recent days a...
Article | 4/01/2013 Rogue Google SSL certificate not used for dishonest purposes, Turktrust says
Turktrust, the Turkish certificate authority (CA) responsible for issuing an intermediate CA certificate that was later used to generate an unauthoriz...
Article | 22/11/2012 HTTP Strict Transport Security becomes Internet standard
A Web security policy mechanism that promises to make HTTPS-enabled websites more resilient to various types of attacks has been approved and released...
Article | 31/10/2012 One year after DigiNotar breach, Fox-IT details extent of compromise
The 2011 security breach at Dutch certificate authority (CA) DigiNotar resulted in an extensive compromise and was facilitated in part by shortcomings...
Article | 22/11/2011 EFF proposes new method to strengthen Public Key Infrastructure
The Electronic Frontier Foundation (EFF) is proposing an extension to the current SSL chain of trust that aims to improve the security of HTTPS and ot...
Article | 12/09/2011 GlobalSign plans to reopen Tuesday despite web server hack
GlobalSign expects to bring its certificate-issuing systems back online on Monday, and resume business Tuesday, it said over the weekend. The U.S. cer...

News

Most Popular

Best Deals on PCWorld

Most Commented

Product Categories

Contact Us

Twitter Feed