- September 16, 2021
- Aryne Leigh Monton
Buying Insurance with Digital Signatures
In comes the digital age where insurance contracts are now signed electronically. Learn about digital signatures and how this impacts purchasing…
-
4 Major Considerations for your PKI for IoT Deployment
March 26, 2015In my last post, I suggested that PKI might be the answer to securing the Internet of Things (IoT) - it's an established standard and offers the authentication, encryption, and data integrity needed…
-
New Certificate Inventory Tool
March 25, 2015I’m very excited to announce the latest addition to our suite of SSL tools – the Certificate Inventory Tool (CIT)! The CIT solves certificate management headaches by locating all SSL certificates on…
-
New Security Flaws found within OpenSSL
March 19, 2015OpenSSL released updated versions of its software with patches to fix various vulnerabilities including one that could allow an attacker to perform a denial-of-service attack against a server running…
-
Globalsign re-accredited as NAESB CA
March 19, 2015GlobalSign’s successful completion of the North American Energy Standards Board (NAESB) Authorized Certification Authority accreditation audit.
-
WhiteHouse.gov Implements Always On SSL and You Should Follow Suit
March 17, 2015Last week the White House’s web team announced that it was enabling HTTPS by default, also known as Always On SSL (AOSSL). The FTC did the same thing a week before that. AOSSL isn’t a new concept for…
-
Is your SSL Server Vulnerable to a Freak Attack?
March 16, 2015FREAK is a new man-in-the-middle (MITM) vulnerability discovered by a group of cryptographers at INRIA, Microsoft Research and IMDEA. FREAK stands for “Factoring RSA-EXPORT Keys.” The vulnerability…
-
SSL Certificate Validity to be limited to 39 months
March 12, 2015As stated by the CA/B Forum, no later than 1 April 2015, certificates must be limited to a maximum validity of 39 months.
-
Reflections on FTC's IoT Report - Careful Connections: Building Security in the Internet of Things
March 02, 2015t's great to see the abundance of cyber and information security discussion and activity by regulators of late. Particularly in January, the FTC released a report providing guidance to business for…
-
System integrator Avisi enables certificate-based authentication for Dutch notaries
March 02, 2015System integrator Avisi enables multi-factor authentication for Dutch notaries when accessing KNB platform
-
3 Reasons to Run an Internal CA...That You Should Reconsider
February 27, 2015It's clear digital certificates can be a great option for your security projects (e.g., authentication, digital signatures, secure email), but once you've decided on a certificate-based solution, you…
-
Lenovo enables man-in-the-middle attacks via Superfish Adware
February 20, 2015Lenovo enables man-in-the-middle attacks via Superfish Adware- find out how!
-
PKI's Role(s) in Securing the IoT
February 19, 2015It seems you can't go a day without hearing about the Internet of Things (IoT). While there's no questioning the scale and impact it's going to have on our life as we know it, there is one major…
-
Six ways identity will take center stage in 2015
February 02, 2015With the growing connectedness of all things great and small, the need for trusted identities will take center stage in 2015
-
Email Encryption for All? Thoughts on the Sony Hack
January 06, 2015Everyone's talking about the Sony megahack, and for good reason. The sheer amount of data (up to 11 TB), and the contents (passwords, employee social security numbers, corporate secrets, emails) have…
-
POODLE Vulnerability Expands Beyond SSLv3 to TLS 1.0 and 1.1
December 09, 2014When we first reported on the POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability in October, it was believed to only affect the SSLv3 protocol. However, the vulnerability, which…