-
News Article Oct 04, 2024
A growing number of organizations are taking longer to get back on their feet after an attack, and they're paying high price tags to do so — up to $2M or more.
-
News Article Oct 04, 2024
An Ivanti flaw in its Endpoint Manager (EPM) has been exploited despite being identified and patched in May.
-
Blog Post Oct 04, 2024
Despite years of awareness, basic cybersecurity practices like strong passwords, MFA, and phishing alerts are still essential in our fast-paced world.
-
Podcast Oct 04, 2024
Root Causes 428: .MOBI Attack Puts WHOIS-based DCV into Question
White hat researchers managed to take over WHOIS for the .mobi TLD, foretelling the death of WHOIS as an email source for Domain Control Validation (DCV).
-
News Article Oct 02, 2024
NIST has made some progress clearing its backlog of security vulnerability reports to process – though it's not quite on target as hoped. The US government standards body just blew its self-imposed September 30 deadline to bring the speed at which its National Vulnerability Database (NVD) processes new flaws up to its pre-February rate, following a decline in output this year.
-
Podcast Oct 02, 2024
Root Causes 427: Mapping CLM to NIST CSF 2.0
In this episode we map the contributions of Certificate Lifecycle Management into the new NIST Cybersecurity Framework 2.0.
-
Blog Post Oct 01, 2024
Automated CLM streamlines certificate management, reducing costs, minimizing outages, and boosting security, scalability, and compliance.
-
News Article Oct 01, 2024
“Many government systems are 20 to 30 years old and lack modern features like strong authentication, encryption, and access controls. These gaps make them vulnerable to attacks. The fact that attackers can easily alter voter databases or access legal records shows the limits of relying on reactive measures like penetration testing.” - Jason Soroko, senior fellow at Sectigo.
-
Webinar Oct 01, 2024
How mature is your Certificate Lifecycle Management?
The surge in certificate usage has reached unprecedented levels, with industry standards for certificate lifespans progressively shrinking.
-
News Article Sep 30, 2024
Network configuration, CA and SWIFT issues, and certificate expiration blamed for a series of RTGS outages the past year.
-
Podcast Sep 30, 2024
Root Causes 426: Expired Certificate Takes Down Bank of England
A certificate expiration is now known to have created July's outage of Bank of England. Join us as we shake our heads in amazement yet again.
-
Podcast Sep 27, 2024
Root Causes 425: PQC Requirements for Voting Systems
In honor of the upcoming US elections, we describe the six main requirements for a post-quantum voting system.