-
Listen Now
EPISODE 428
Broadcast Date:
October 4, 202417 minutes
Podcast Oct 04, 2024Root Causes 428: .MOBI Attack Puts WHOIS-based DCV into Question
White hat researchers managed to take over WHOIS for the .mobi TLD, foretelling the death of WHOIS as an email source for Domain Control Validation (DCV).
-
Learn More
NIST's Security Flaw Database Still Backlogged with 17K+ Unprocessed Bugs. Not Great
News Article from Sectigo
News Article Oct 02, 2024NIST has made some progress clearing its backlog of security vulnerability reports to process – though it's not quite on target as hoped. The US government standards body just blew its self-imposed September 30 deadline to bring the speed at which its National Vulnerability Database (NVD) processes new flaws up to its pre-February rate, following a decline in output this year.
-
Listen Now
EPISODE 427
Broadcast Date:
October 2, 202416 minutes
Podcast Oct 02, 2024Root Causes 427: Mapping CLM to NIST CSF 2.0
In this episode we map the contributions of Certificate Lifecycle Management into the new NIST Cybersecurity Framework 2.0.
-
Learn More
Overcoming Certificate Lifecycle Management challenges
Blog Post from Sectigo
Blog Post Oct 01, 2024Automated CLM streamlines certificate management, reducing costs, minimizing outages, and boosting security, scalability, and compliance.
-
Watch Now
60 minutes
Webinar Oct 01, 2024How mature is your Certificate Lifecycle Management?
The surge in certificate usage has reached unprecedented levels, with industry standards for certificate lifespans progressively shrinking.
-
Learn More
Over two dozen critical bugs found in voter registration, court systems
News Article from Sectigo
News Article Oct 01, 2024“Many government systems are 20 to 30 years old and lack modern features like strong authentication, encryption, and access controls. These gaps make them vulnerable to attacks. The fact that attackers can easily alter voter databases or access legal records shows the limits of relying on reactive measures like penetration testing.” - Jason Soroko, senior fellow at Sectigo.
-
Learn More
Expired Certificate crashed $6 trillion Bank of England system
News Article from Sectigo
News Article Sep 30, 2024Network configuration, CA and SWIFT issues, and certificate expiration blamed for a series of RTGS outages the past year.
-
Listen Now
EPISODE 426
Broadcast Date:
September 30, 20248 minutes
Podcast Sep 30, 2024Root Causes 426: Expired Certificate Takes Down Bank of England
A certificate expiration is now known to have created July's outage of Bank of England. Join us as we shake our heads in amazement yet again.
-
Listen Now
EPISODE 425
Broadcast Date:
September 27, 202411 minutes
Podcast Sep 27, 2024Root Causes 425: PQC Requirements for Voting Systems
In honor of the upcoming US elections, we describe the six main requirements for a post-quantum voting system.
-
Learn More
City Water Facility in Kansas Hit by Cyberattack
News Article from Sectigo
News Article Sep 26, 2024A city in southern Kansas is responding to a cyberattack against its municipal water system, highlighting again the threat bad actors represent to such critical infrastructure in the United States.
-
Learn More
G7 Cyber Expert Group warns financial sector of quantum computing
News Article from Sectigo
News Article Sep 25, 2024The G7 Cyber Expert Group (CEG) released a public statement Sept. 25 highlighting the potential cybersecurity risks to the financial sector from the expected advancements in quantum computing.
-
Learn More
G7 Cyber Expert Group Warns of Quantum Computing Risks in Finance
News Article from Sectigo
News Article Sep 25, 2024Today, the G7 Cyber Expert Group (CEG), chaired by the U.S. Department of the Treasury and the Bank of England, issued a statement addressing the cybersecurity risks posed by quantum computing. While quantum advancements promise groundbreaking changes, they also threaten the security of current encryption standards widely used in financial systems.