-
Podcast Apr 11, 2022
Root Causes 216: What Is crt.sh?
A foundational tool for monitoring public SSL certificates is crt.sh. We explain what crt.sh does and why it is so popular with SSL industry watchers.
-
Podcast Apr 08, 2022
Root Causes 215: Passwordless Authentication and Legacy Systems
Those using passwordless authentication frequently employ legacy systems that cannot support this scheme. We detail steps to mitigate this problem.
-
Podcast Apr 05, 2022
Root Causes 214: New DUO MFA Flaw Explained
A recent FBI warning cautions organizations about exploits based on misconfigured DUO MFA. We explain this exploit and why it is noteworthy.
-
Podcast Mar 31, 2022
Root Causes 213: 600-domain Phishing Attack
A recent phishing campaign encompassed 600 unique domains. We discuss the implications of a campaign of this scale and high level of organization.
-
Blog Post Mar 29, 2022
Privileged Access Management can help enhance network security - but it does come with risks. Learn about these PAM risks & best practices to avoid them.
-
Podcast Mar 28, 2022
Root Causes 212: S/MIME Limited to Three Years
On April 1 new root program requirements from Apple for S/MIME certificates go into effect, including a limitation of the allowable term to three years.
-
Podcast Mar 14, 2022
Root Causes 211: Does CLM Make Wildcard and MDC Irrelevant?
We weigh the degree to which Certificate Lifecycle Management (CLM) renders the benefits of wildcard and multi-domain certificates obsolete.
-
Podcast Mar 08, 2022
Root Causes 210: Living off the Land
Microsoft has deprecated support for the popular sysadmin tool WMIC. Join our hosts as they explain why and the broader lessons we can learn.
-
Podcast Mar 01, 2022
Root Causes 209: One-Day Deployment of CLM
For any Certificate Lifecycle Management platform to succeed, effective deployment is essential. We describe the optimal onboarding process, step by step.
-
Blog Post Feb 24, 2022
With deepfake technology, bad actors can impersonate others and gain access to sensitive data. Learn more about this threat to cybersecurity and how to prevent it.
-
Podcast Feb 24, 2022
Root Causes 208: HD Radio Error Bricks Automotive Information Systems
Recently automobile infotainment systems were permanently "bricked" by a HD radio flaw. Our hosts describe what happened and the lessons we can learn.
-
Blog Post Feb 23, 2022
For the first decade-plus of their lifespan as a technology, publicly trusted digital certificates operated with little oversight, transparency, or consistency in operating principles. To create predictable, reliable behavior among public Certificate Authorities (CAs) the CA/Browser Forum undertook the creation of its Baseline Requirements, which first went into effect in 2012.