-
Blog Post Aug 26, 2019
Mozilla Should Reconsider Removing the EV Green Address Bar
The week before last, very quickly and without advance warning, Mozilla announced that it would remove the Extended Validation SSL certificate indicator from its upcoming build 70. This announcement spawned a very lively debate that is still going on. Below is my response to the thread, explaining why I believe it to be ill- considered and detrimental to overall internet security. Jason Soroko and I also covered Mozilla's decision to remove the EV SSL indicator in our Root Causes PKI and security podcast series.
-
Blog Post Aug 14, 2019
Be Prepared for One-Year SSL Certificate Duration
A recent CA/Browser Forum ballot sponsored by Google stands to limit SSL certificate lifespans to 397 days starting in March 2020. Should this pass, organizations using two-year SSL certificates will need to change their practices to only one-year certificates moving forward. Fortunately, automation options are available.
-
Blog Post Aug 09, 2019
How Cyber Criminals Infect Appliances and Manufacturers Can Stop Them
Homes and businesses worldwide are vulnerable to attacks from cyber thieves and other bad actors – and not just through their computer networks. The embedded electronics inside appliances present an easy path of entry. It’s already happened.
-
Learn More
New Research on EV SSL Security from Georgia Tech
Blog Post from Sectigo
Blog Post Jul 29, 2019Online criminal actors reveals that domains with EV SSL certificates are 99.99% likely to be unassociated with bad cyber actors. CyFI studied 2.6 million domains associated with EV SSL to arrive at these results.
-
Learn More
Journalists and Researchers: Don't Confuse Comodo with Sectigo
Blog Post from Sectigo
Blog Post Jul 28, 2019An article from yesterday incorrectly calls Comodo an issuer of SSL certificates. Comodo has not been in the digital certificate business since 2017, when Sectigo spun out as its own business.
-
Learn More
EV Fallacies Debunked
Blog Post from Sectigo
-
Blog Post Jul 17, 2019
Firefox to Add “Not Secure” Warning to Non-SSL Pages
In its upcoming build 70, Firefox will incorporate a “Not Secure” warning for non-SSL pages. This warning will appear to the left of the address, where the company-branded green address bar appears on sites with EV SSL certificates.
-
Blog Post Jul 10, 2019
DigiCert Changes to New Private Equity Owners
DigiCert announced yesterday that the company has been acquired by Clearlake Capital Group and TA Associates. With this latest ownership change, it’s worth pointing out how crucial it is for Certificate Authorities to maintain the highest levels of performance. To preserve its place of extreme trust in the digital ecosystem, a CA needs to get a whole lot of things right.
-
Blog Post Jul 07, 2019
Bad Cars: Anatomy of a Ransomware Attack
Suppose cyber hackers successfully penetrated and infected critical components in a manufacturer's vehicles? Imagine now that the bad guys had the software or security keys that could fix these problems, but hold them as ransom, jeopardizing an entire fleet of new cars.
-
Learn More
How Loss Aversion Ties into Decision Making for EV SSL Certificates
Blog Post from Sectigo
Blog Post Jul 01, 2019I have been engaged with many decisions makers who are evaluating whether or not to use Extended Validation SSL on their sites, and I have repeatedly observed how a psychological phenomenon called loss aversion biases this decision-making process. Read on to learn more.
-
Learn More
Return of the IoT Botnet: Silex Exposes the Underbelly of IoT Devices
Blog Post from Sectigo
Blog Post Jun 27, 2019IoT botnets and cyberattacks just keep coming. The most recent attack, the Silex botnet, is particularly nasty. It doesn’t use devices to create DDoS attacks or attempt to steal personal data. The malware simply deletes the software from the device rendering it useless, or “bricking” the device. Fortunately, there are ways to prevent these kinds of attacks.
-
Blog Post Jun 26, 2019
How Well Do the Largest Banks Protect Customers from Phishing?
In our latest Secure Impressions: Online Banking Study, Sectigo reveals how well the world's largest banks in North America and Europe ensure and demonstrate security of customer information on their online banking websites. Sectigo rated websites based on the presence of SSL certificates; verifications provided by a CA, which confirm that a website is authentic and legitimate.
