Old SSL Certificates May Be Putting Your Online Security at Risk Scott Carter Wed, 09/19/2018 - 09:07 There used to be no simple way to track expired SSL certificates. Then in 2013, Google launched their Certificate Transparency project. According to the website: “Google's Certificate Transparency project fixes several structural flaws ... Read More

Slow IT vs Fast IT: Resolving Chaos around Machine Identities Scott Carter Tue, 09/18/2018 - 17:05 In particular, I’d like to explore how Fast IT challenges many of the conventions that have previously governed strategies for machine identity protection. Machine identities are a combination of keys and certificates that create ... Read More

Will the Adoption of HTTPS and Chrome Updates Provide a Solution to SSL Stripping Attacks? Scott Carter Mon, 09/17/2018 - 15:35 Because of the abstract nature of internet connections, people think that a connection to a static website is secure over HTTP. However, the traffic travels through many points to ... Read More

Should the DoD Be Wary of Wildcard Certificates? Scott Carter Thu, 09/13/2018 - 11:50 Wildcard certificates may, at first glance, seem to be a credible alternative to root certificate authority. They’re public key certificates used by all subdomains within a larger domain. Site operators can quickly secure countless subdomains, all ... Read More

86% of IT Security Professionals Say the World Is in a Cyber War Scott Carter Tue, 09/11/2018 - 18:01 So, how is the industry responding to the current state of global cyber security relations? Venafi conducted a survey at the Black Hat conference in Las Vegas to learn the views ... Read More

What Are SSL Stripping Attacks? Scott Carter Tue, 07/26/2022 - 18:00 61138 views A bit of history The creator of SSL strip vulnerability is Moxie Marlinspike, a well-known American computer security researcher. In 2009, he spoke about this dangerous SSL weakness for the first time at the Black Hat information security ... Read More

Can Attackers Circumvent Domain Validation to Spoof Your Website? Scott Carter Sun, 09/09/2018 - 10:01 The details of the vulnerability are a bit cat and mouse right now. The reason that we know about it at all is that the The Register has apparently seen an early copy of a ... Read More

3 Reasons You Need a Root of Trust When Orchestrating Machine Identities Scott Carter Wed, 09/05/2018 - 11:13 The Growing IoT and Need for Trust The rate at which IoT machines are being deployed across enterprise networks is rapidly accelerating. The IoT focuses on collecting data and maintaining situational awareness ... Read More

Five Eyes Alliance War Against Encryption: Is Your Privacy Not Private? Scott Carter Tue, 09/04/2018 - 15:01 The FVEY targets to increase government powers to seek access to otherwise private information when the courts authorized it, a concept known as “lawful access”. Although the involved governments recognize that “Encryption is ... Read More

Would You Borrow Money Using Your Mobile Device? Scott Carter Tue, 09/04/2018 - 11:56 For those who don’t use mobile banking, here are some capabilities that mobile banking apps offer: Review account balance Get e-statements Transfer funds to different accounts Receive mobile alerts upon receipt of direct deposits Pay bills ... Read More