Security news that informs and inspires

Archive

3 results for tag Certificate Authority:

Attackers Are Signing Malware With Valid Certificates

There used to be a time when malware signed with a legitimate certificate was the mark of a sophisticated, nation-state-backed attacker. Now anyone can have signed malware.

Malware, Certificate Authority

New CA Focus on EV Certs Won’t Stop Phishing

The CA Security Council's London Protocol attempts to address the problem of phishing sites with legitimate SSL/TLS certificates, but the initiative perpetuates the myth that the pricier EV certificates are more secure than DV certificates.

SSL Certificates, TLS, Encryption, Certificate Authority

Find Phishing Sites in Certificate Transparency Logs

Mining Certificate Transparency logs can help uncover phishing sites using spoofed domain names, but it’s hard to do. Facebook has updated its Certificate Transparency Monitoring tool to notify website owners when their sites are being spoofed for malicious use.

Phishing, Certificate Authority, SSL Certificates, Tools