Tags security certificates
Mimecast confirms SolarWinds attackers breached security certificate, 'potentially exfiltrated' credentials
Mimecast offers an attractive target for spies looking to burrow into high-value organizations
A phishing campaign with nation-state hallmarks is targeting Chinese government agencies
The identity of the hackers responsible remains elusive, though the phishing targets in China and the IP addresses involved indicate a coordinated effort, researchers from Anomali said.
'Critical' flaw in apps for Sennheiser headphones allows certificate access
The mistake means that hackers could decrypt the key and use the certificate, a means of digital authentication, to monitor victims’ traffic and launch main-in-the-middle attacks.
Pentagon lays out plan to secure websites in response to lawmaker inquiry
CIO Dana Deasy lays out the department's plan in response to Sen. Ron Wyden, who raised concerna about the security of DOD's many public-facing sites.
Mozilla weighs following Chrome in mistrusting Symantec certs
A blog post by the maker of the Firefox browser says Chrome engineers are correct in their assessment of the problems with Symantec-issued internet security certificates — but they may have gone too far by proposing to distrust them.
Citing compliance failures, Chrome will distrust Symantec certificates
Two of the biggest names on the internet embarked on a game of chicken this week over the little green padlock in the address bar.