-
Podcast Aug 03, 2023
Root Causes 323: Update on Microsoft Key Compromise
In this follow up to our episode 320, we explain Microsoft's mitigation and new understanding that shows its impact to be broader than originally thought.
-
Podcast Jul 31, 2023
Root Causes 322: RIP Kevin Mitnick
In July famous security researcher Kevin Mitnick passed away. We briefly pay tribute to Kevin and talk about his contributions to white hat hacking.
-
Podcast Jul 27, 2023
Root Causes 321: CABF Moratorium on New Certificate Consumer Members
The CA/Browser Forum recently passed a temporary moratorium on new members of the Certificate Consumer class.
-
Podcast Jul 24, 2023
Root Causes 320: Microsoft-signed Root Kit Attack
A new root kit attack in the wild is code signed by a Microsoft certificate. We explain kernel-level attacks and how this attack occurred.
-
Podcast Jul 21, 2023
Root Causes 319: EU Digital Wallets
A new agreement mandates that European countries will make digital wallets available to their citizens in 2024.
-
Podcast Jul 18, 2023
Root Causes 318: What Is ACME Renewal Information (ARI)?
A new extension to the ACME certificate protocol will help automate renewals. In this episode we explain ACME Renewal Information (ARI).
-
Podcast Jul 13, 2023
Root Causes 317: New Automotive CAN Bus Attacks Demand PKI
The CAN bus wires in a modern automobile can allow a thief to steal the vehicle. We explain how PKI can defeat this attack.
-
Podcast Jul 11, 2023
Root Causes 316: SquareSpace Acquires Google Domains
SquareSpace recently acquired Google's domain registry business. We discuss what this move says about large technology trends.
-
Podcast Jul 07, 2023
Root Causes 315: Will the SEC Sue SolarWinds Executives?
The SEC has sent "Wells notices" to two senior executives from SolarWinds, with regard to the 2019 to 2020 supply chain attack.
-
Podcast Jul 05, 2023
Root Causes 314: AI-based Deepfakes in Real Crimes
We discuss a variety of real-world crimes in which deepfakes have played a role.
-
Podcast Jun 23, 2023
Root Causes 313: SSL Revocation Reason Codes
We explain the allowed public SSL revocation reason codes, along with some explicitly forbidden reason codes and the backstory behind them.
-
Podcast Jun 20, 2023
Root Causes 312: Why You Shouldn't Roll Your Own Crypto
Don't roll your own crypto. We describe the findings from 2021 research that investigating the root causes of problems in cryptographic systems.