-
Learn More
NIST Hands Off Post-Quantum Cryptography Work to Cyber Teams
News Article from Sectigo
News Article Aug 23, 2024No longer relegated to post-doctorate physics academia and sad Schrödinger's cat thought experiments, post-quantum computing remediation has arrived in the real world.
-
Listen Now
EPISODE 414
Broadcast Date:
August 23, 202412 minutes
Podcast Aug 23, 2024Root Causes 414: What Are the Revocation Periods for Public Certs?
We detail mandatory revocation periods for leaf certificates and intermediates and explain when a 24-hour versus a 120-hour revocation deadline applies.
-
Learn More
‘ALBeast’ load balancer flaw may affect 15,000 Amazon Web Services apps
News Article from Sectigo
News Article Aug 21, 2024A critical configuration bug was observed that affects applications using the AWS Application Load Balancer (ALB) for authentication, a flaw dubbed "ALBeast" that could lead to unauthorized access to business resources, data breaches, and data exfiltration.
-
Learn More
Unpacking The ALBeast Flaw
News Article from Sectigo
News Article Aug 21, 2024In the rapidly evolving landscape of cloud computing, security remains a top concern—one that continues to challenge both providers and users. The recent discovery of the ALBeast vulnerability, a critical flaw in AWS’s Application Load Balancer (ALB) authentication, serves as a stark reminder that even the most trusted cloud services are not immune to serious security risks.
-
Learn More
Backdoor in RFID Cards for Offices, Hotels Can Lead to Instant Cloning
News Article from Sectigo
News Article Aug 21, 2024A hardware backdoor in millions of RFID smart cards used to open hotel rooms and offices doors and made by a Chinese company that enables bad actors to instantly clone the cards.
-
Learn More
Think Log4j is a wrap? Think again.
News Article from Sectigo
News Article Aug 21, 2024Here's what you need to know about why the Log4j flaw, Log4Shell, remains a threat — and how to protect your organization with a modern software security approach.
-
Learn More
Think Log4j is a wrap? Think again.
News Article from Sectigo
News Article Aug 21, 2024Three years after its discovery, Log4Shell remains one of the software flaws that are most used by threat actors, a new report released by Cato Networks has found. Thereport exposed a 61% quarter one to quarter two increase in the attempted use of the vulnerability in inbound network traffic and a 79% increase in use in WAN-bound traffic during the same period.
-
Learn More
Backdoor in Mifare Smart Cards Could Open Doors Around the World
News Article from Sectigo
News Article Aug 21, 2024Security researchers have discovered a backdoor in a popular make of contactless key card, that could be exploited at scale to open hotel room and office doors across the globe.
-
Learn More
Multi-Domain vs Wildcard SSL - Differences and Use Cases
Blog Post from Sectigo
Blog Post Aug 20, 2024Digital certificates take many forms but they share the same primary goal: to authenticate a website or server's identity.
-
Learn More
Flaws in Microsoft Apps for MacOS Threaten App Permission Bypass
News Article from Sectigo
News Article Aug 20, 2024SC Media reports that Microsoft Outlook, Teams, Word, Excel, PowerPoint, and OneNote for macOS were impacted by eight security flaws, which could be utilized to evade available app permissions in the operating system even without further user verification.
-
Learn More
NIST Releases First Set of Finalized Post-Quantum Encryption Algorithms
News Article from Sectigo
News Article Aug 19, 2024The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has finalized its principal set of defensive post-quantum encryption algorithms, bringing some clarity to the process of preparing for the near future’s likely greatest cyber threat.
-
Learn More
Bugs in Microsoft apps for macOS could give privileges to attackers
News Article from Sectigo
News Article Aug 19, 2024Eight vulnerabilities in six leading Microsoft applications for macOS — including Outlook, Teams, PowerPoint, OneNote, Excel and Word — can let attackers bypass the operating system’s existing app permissions without prompting a user for any additional verification.