Back
-
Solutions
Back
Digital Trust for:
Enterprise IT, PKI & Identity
Code & Software Signing
Documents & eSignatures
IoT & Connected Devices
Manage PKI and certificate risk in one place
Quantum is coming.
It's time to prepare.
Quantum is coming.
WATCH REPLAY
It's time to prepare. - Buy
-
Insights
Back
Resources
Explore these pages to discover how DigiCert is helping organizations establish, manage and extend digital trust to solve real-world problems.
-
Partners
Back
- Support
- Contact us
- Language
News
03-27-2015
Mark Santamaria
This Month in SSL: March 2015
Here is our latest news roundup of articles about network and SSL security. Click here to see the whole series.
SSL & Encryption News
- NCC Group Cryptography Services along with the Linux Foundation will be conducting the first public security audit of OpenSSL. The audit is expected to take a few months, and the result should be published this summer.
- Microsoft recently warned users of an incorrectly issued SSL Certificate.
- On March 20th Google found that an intermediate CA under the Chinese registrar (CNNIC) had misissued digital certificates for several of Google’s domains.
- Researchers at the University of London discovered that RSA encryption keys have been duplicated 28,000 times.
Data Security
- New malware named PoSeidon uses memory scraping (a common point-of-sale Trojan technique) to exfiltrate payment card data from point-of-sale (PoS) terminals.
- Biometric authentication is gaining momentum. A recent report estimates that by 2019, 770 million biometric apps will be downloaded.
- Yahoo offers on-demand passwords as an alternative to traditional primary passwords.
Vulnerabilities
- In early March, the FREAK vulnerability was discovered. The FREAK vulnerability affected Safari, Android OS, Internet Explorer, OpenSSL, and others.
- A security audit revealed what was thought to be a high severity vulnerability in OpenSSL.
- Sites that use the Facebook login could be vulnerable to hijacking because of a recently released tool called Reconnect.
Data Breaches
- On March 17, health insurance provider Premera Blue Cross announced that they had suffered a major data breach, exposing customer information. The breach affected 11 million customers.
- After being contacted by law enforcement, NEXTEP (a point-of-sale provider), announced that they are investigating a possible data breach.
- Mandarin Oriental hotels confirms that they suffered a data breach. The number of customers and which hotels were affected have not yet been disclosed.
Cybercrime
- Hacked GoDaddy accounts are being used by cybercriminals for Angler-type attacks.
- A South Korean nuclear plant is being held ransom by a hacker.
Internet of Things
- Volvo is testing a real-time warning system that would allow cars that encounter hazardous conditions on the road to relay the data to other vehicles in the area through a Volvo server.
Reports/White Papers
- A recent report by Reuters showed that 80% of merchants around the world fail PCI compliance standards.
- A recent study shows that there are 2,400 vulnerable and suspicious mobile apps on employee devices.
Featured Stories
-
The most-trusted global provider of high-assurance TLS/SSL, PKI, IoT and signing solutions.
-
-
© 2024 DigiCert, Inc. All rights reserved.
Legal Repository Audits & Certifications Terms of Use Privacy Center Accessibility Cookie Settings