-
Learn More
Unprotected Session Tokens Can Undermine FIDO2 Security
News Article from Sectigo
News Article May 15, 2024Many organizations that have implemented passwordless authentication via the FIDO2 standard may be undermining some of the security benefits of the approach by not properly securing the sessions that take place after authentication happens.
-
Learn More
Sectigo bags triple cyber awards confirming Certificate Lifecycle Management leadership
Press Release from Sectigo
Press Release May 14, 2024SCOTTSDALE, Ariz., — May 14, 2024 — Sectigo®, the industry’s most innovative provider of comprehensive certificate lifecycle management (CLM), today announced it has been honored with three awards from three leading cybersecurity publications. The recognition comes as the company prosecutes a new strategy to democratize the management of digital certificates critical for all.
-
Learn More
How risky is AI for elections and democracy?
News Article from Sectigo
News Article May 14, 2024With the rise of powerful chatbots and deceptive deepfake content, experts believe AI could be used to influence elections and it is unclear if governments or tech giants can deal with the threat.
-
Learn More
The Investigatory Powers Act: a precarious balancing act
News Article from Sectigo
News Article May 14, 2024The Investigatory Powers Act (IPA) of 2016 was tasked with combining various existing powers used by law enforcement and security agencies for communication data collection and interception.
-
Learn More
Cinterion Modem Vulnerabilities Leave IoT and Industrial Networks Exposed
News Article from Sectigo
News Article May 13, 2024Kaspersky researchers have identified multiple security vulnerabilities in Cinterion cellular modems, which could potentially be exploited by threat actors to access sensitive information and execute arbitrary code.
-
Learn More
Flaws in Cinterion modems hit multiple critical infrastructure sectors
News Article from Sectigo
News Article May 13, 2024Serious security flaws were discovered in Cinterion cellular modems, including critical flaws that permit remote code execution and unauthorized privilege escalation, posing great risks to Internet of Things (IoT) devices widely found in the industrial, healthcare, automotive, financial and telecom sectors.
-
Learn More
Airsoft Data Breach Exposes Data of 75,000 Players
News Article from Sectigo
News Article May 13, 2024Failure to properly configure authentication led to malicious actors exploiting the database backups of Airsoftc3.com, a popular Airsoft enthusiast community site, according to Cybernews researchers, who discovered the breach in December.
-
Listen Now
EPISODE 386
Broadcast Date:
May 13, 202414 minutes
Podcast May 13, 2024Root Causes 386: Meta Commits MITM Attack On Its Users
In 2016 Meta (then Facebook) set up a system to get around encryption and spy on traffic between its users and competing social media platforms.
-
Learn More
‘Secure by Design’: Career Opportunities for Tech, Security Pros
News Article from Sectigo
News Article May 10, 2024Thanks to several recent high-profile incidents and reported vulnerabilities, application security remains a major concern for businesses and government agencies alike. A report released by Gartner in October found that software development lifecycle attacks (SDLC) affected about 61 percent of U.S. businesses between April 2022 and 2023.
-
Listen Now
EPISODE 385
Broadcast Date:
May 10, 202412 minutes
Podcast May 10, 2024Root Causes 385: Failed Revocation and Wildcard Certificates
We discuss misuse of wildcard certificates, failure to revoke on time, and how these two failures magnify each other.
-
Learn More
Sectigo names Dena Bauckman as its new product chief
News Article from Sectigo
News Article May 09, 2024Certificate lifecycle management (CLM) specialist Sectigo has announced the appointment of Dena Bauckman as its new senior vice president of product. A seasoned technology product leader, Bauckman brings more than 20 years’ experience in the product management and marketing of security, cloud, and networking technology.
-
Learn More
Dropbox Sign eSignature Platform’s Security Breach Impacts All Users, Even Those Without Accounts
News Article from Sectigo
News Article May 09, 2024Popular cloud storage provider Dropbox has suffered a significant security breach impacting all users of its eSignature platform Dropbox Sign (formerly HelloSign).