ssl/tls

Chrome to distrust Symantec certificates from next year

Chrome to distrust Symantec certificates from next year

Site operators urged to replace digital credentials.
Jul 31 2017 8:38AM
Symantec tricked into revoking SSL certs with fake keys

Symantec tricked into revoking SSL certs with fake keys

Journo tests legitimacy processes.
Jul 21 2017 3:36PM
Digital certificate use by phishing sites spikes

Digital certificate use by phishing sites spikes

Let's Encrypt, Comodo continue to issue credentials for fraudulent sites.
Apr 13 2017 6:08AM
Symantec slams Google's TLS cert penalty measures

Symantec slams Google's TLS cert penalty measures

Tech giants in public spat.
Mar 28 2017 7:30AM
Cloudbleed data leak flaw wasn't exploited: Cloudflare

Cloudbleed data leak flaw wasn't exploited: Cloudflare

Company to continue analysis of "extremely serious bug".
Mar 3 2017 6:33AM
Cloudbleed: When security means living with complexity

Cloudbleed: When security means living with complexity

[Blog post] It's difficult trying to do the right thing.
Feb 28 2017 10:00AM
Expired certificate locks US DHS staff out of systems

Expired certificate locks US DHS staff out of systems

DHS domain controllers said no to logins.
Feb 23 2017 9:30AM
Security products endanger customers through poor TLS interception

Security products endanger customers through poor TLS interception

Introduce Logjam, POODLE, CRIME and other vulnerabilities.
Feb 8 2017 12:15PM
Google sets up own root certificate authority

Google sets up own root certificate authority

Continues push towards secure HTTPS-based web.
Jan 29 2017 9:05PM
Symantec in another bogus digital certs blunder

Symantec in another bogus digital certs blunder

"Test" certificates revoked.
Jan 23 2017 9:00AM
Thousands of bogus certs issued after GoDaddy bug blunder

Thousands of bogus certs issued after GoDaddy bug blunder

Flaw unnoticed since July last year.
Jan 12 2017 9:52AM
HEIST attack breaches HTTPS in the browser

HEIST attack breaches HTTPS in the browser

Can tap into HTTPS comms without MITM position.
Aug 5 2016 5:16AM
Respect my Certificate Authority!

Respect my Certificate Authority!

[Blog post] You should decide who to trust.
May 31 2016 2:30PM
Long way to go before the web is HTTPS protected

Long way to go before the web is HTTPS protected

Moving can be a struggle for site operators.
Mar 16 2016 9:21AM
OpenSSL fixes high-severity key recovery hole

OpenSSL fixes high-severity key recovery hole

Further hardening against "Logjam" attack included in update.
Jan 29 2016 9:25AM
Google dumps Symantec SSL certificate in Chrome, Android

Google dumps Symantec SSL certificate in Chrome, Android

No longer trusted.
Dec 14 2015 6:51AM
Scores of devices on Telstra vulnerable to silent data interception

Scores of devices on Telstra vulnerable to silent data interception

Digital key reuse leaves millions of network devices wide open.
Nov 27 2015 4:37PM
Dell owns up to eDellroot fake cert security gaffe

Dell owns up to eDellroot fake cert security gaffe

Posts removal instructions and pushes out software update.
Nov 25 2015 7:00AM
Fake digital certificates on Dell systems put users at risk

Fake digital certificates on Dell systems put users at risk

Superfish round two?
Nov 24 2015 6:36AM
Slew of snafus threaten integrity of SSL/TLS

Slew of snafus threaten integrity of SSL/TLS

[Blog post] Digital certificate system too fragile.
Nov 17 2015 2:13PM

Log In

Username / Email:
Password:
  |  Forgot your password?