-
Podcast Nov 22, 2022
Root Causes 258: New S/MIME Baseline Requirements Ratified
The CA/Browser Forum has passed new Baseline Requirements for S/MIME certificates. We explain their broad stipulations.
-
Blog Post Nov 21, 2022
Not all forms of multi-factor authentication (MFA) are created equal and the forms that are based on one-time passcodes have turned into corporate liabilities. One-time passcodes that are entered into malicious login pages or entered into a compromised endpoint can be harvested by an attacker and utilized to log in along with a harvested username and password.
-
Podcast Nov 18, 2022
Root Causes 257: FTX Crypto Exchange Collapses
"If you don't hold the keys, you don't hold the cheese." Crypto exchange giant FTX recently collapsed, causing ripples through the cryptocurrency world.
-
Podcast Nov 16, 2022
Root Causes 256: What Is Harvest and Decrypt?
For secrets with a reasonable lifespan, the quantum computer threat is much closer than you might think, including as early as today.
-
Podcast Nov 11, 2022
Root Causes 255: What Is a Privacy Browser?
In this episode we describe privacy browsers, the strategies they use, and the pros and cons of this approach.
-
Podcast Nov 08, 2022
Root Causes 254: Toyota Symmetric Key Exposed on GitHub
In a recently exposed error, key material for a popular automobile manufacturer's PKI has been discovered on GitHub, exposing sensitive information.
-
Podcast Nov 04, 2022
Root Causes 253: OpenSSL Vulnerability Explained
Last week the OpenSSL project announced an upcoming critical patch. We explain what the flaw was, what you should do, and why certificates are unaffected.
-
Podcast Oct 28, 2022
Root Causes 251: What's Next for the NIST PQC Primitives?
NIST has announced its new post-quantum cryptography primitives. We discuss the next steps required by industry and what the enterprise can do today.
-
Podcast Oct 26, 2022
Root Causes 250: 250 Episodes of Root Causes!
It's Root Causes episode 250! In this podcast about podcasting hear about choosing topics, why we have few guests, reacting to requests for media kits.
-
Podcast Oct 21, 2022
Root Causes 249: What Is MFA Exhaustion?
Recent high profile attacks that were enabled by defeating MFA. We explain the concept of MFA fatigue and why it is an enabler for these attacks.
-
Webinar Oct 20, 2022
Is Your Passwordless Really Passwordless Webinar
Passwordless is a hot topic, and rightly so. Unfortunately, many so-called “passwordless” solutions are anything but. Learn more about true passwordless.
-
Podcast Oct 18, 2022
Root Causes 248: Azure Code Signing Announced
Microsoft has announced the upcoming availability of a Microsoft-run code signing solution inside the Azure platform. We explain what to expect.