-
Listen Now
EPISODE 430
Broadcast Date:
October 9, 202414 minutes
Podcast Oct 09, 2024Root Causes 430: How Does a TLS Handshake Work?
In this episode we give a high level explanation of what happens in a TLS 1.3 handshake and then discuss what will happen when PQC is included.
-
Listen Now
EPISODE 429
Broadcast Date:
October 8, 20247 minutes
Podcast Oct 08, 2024Root Causes 429: ServiceNow Outage Due to Expired Root Certificate
A ServiceNow private CA root expired, creating outages across hundreds of enterprises. We explain what appears to have gone on.
-
Learn More
Insider Threat Damage Balloons as Visibility Gaps Widen
News Article from Sectigo
News Article Oct 04, 2024A growing number of organizations are taking longer to get back on their feet after an attack, and they're paying high price tags to do so — up to $2M or more.
-
Learn More
Ivanti Flaw Exploited, Posing 'Significant Threat'
News Article from Sectigo
News Article Oct 04, 2024An Ivanti flaw in its Endpoint Manager (EPM) has been exploited despite being identified and patched in May.
-
Learn More
Cybersecurity basics: passwords, MFA, phishing & software updates
Blog Post from Sectigo
Blog Post Oct 04, 2024Despite years of awareness, basic cybersecurity practices like strong passwords, MFA, and phishing alerts are still essential in our fast-paced world.
-
Listen Now
EPISODE 428
Broadcast Date:
October 4, 202417 minutes
Podcast Oct 04, 2024Root Causes 428: .MOBI Attack Puts WHOIS-based DCV into Question
White hat researchers managed to take over WHOIS for the .mobi TLD, foretelling the death of WHOIS as an email source for Domain Control Validation (DCV).
-
Learn More
NIST's Security Flaw Database Still Backlogged with 17K+ Unprocessed Bugs. Not Great
News Article from Sectigo
News Article Oct 02, 2024NIST has made some progress clearing its backlog of security vulnerability reports to process – though it's not quite on target as hoped. The US government standards body just blew its self-imposed September 30 deadline to bring the speed at which its National Vulnerability Database (NVD) processes new flaws up to its pre-February rate, following a decline in output this year.
-
Listen Now
EPISODE 427
Broadcast Date:
October 2, 202416 minutes
Podcast Oct 02, 2024Root Causes 427: Mapping CLM to NIST CSF 2.0
In this episode we map the contributions of Certificate Lifecycle Management into the new NIST Cybersecurity Framework 2.0.
-
Learn More
Overcoming Certificate Lifecycle Management challenges
Blog Post from Sectigo
Blog Post Oct 01, 2024Automated CLM streamlines certificate management, reducing costs, minimizing outages, and boosting security, scalability, and compliance.
-
Learn More
Over two dozen critical bugs found in voter registration, court systems
News Article from Sectigo
News Article Oct 01, 2024“Many government systems are 20 to 30 years old and lack modern features like strong authentication, encryption, and access controls. These gaps make them vulnerable to attacks. The fact that attackers can easily alter voter databases or access legal records shows the limits of relying on reactive measures like penetration testing.” - Jason Soroko, senior fellow at Sectigo.
-
Watch Now
60 minutes
Webinar Oct 01, 2024How mature is your Certificate Lifecycle Management?
The surge in certificate usage has reached unprecedented levels, with industry standards for certificate lifespans progressively shrinking.
-
Learn More
Expired Certificate crashed $6 trillion Bank of England system
News Article from Sectigo
News Article Sep 30, 2024Network configuration, CA and SWIFT issues, and certificate expiration blamed for a series of RTGS outages the past year.