Let’s Encrypt
Russia Force-Feeds new, ‘Trusted’ CA—Yeah, RIGHT
Richi Jennings | | certificate authorities, HTTPS, Let's Encrypt, Russia, sanctions, SB Blogwatch, This is turning into a truly miserable time for ordinary people in Russia, TLS, Ukraine
Websites in Russia can’t renew their TLS/HTTPS certs. Moscow’s solution is to create a new certificate authority. But the man-in-the-middle threat should be obvious ...
Security Boulevard
Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others
BrianKrebs | | A Little Sunshine, Chris Ueland, escrow.com, godaddy.com, Latest Warnings, Let's Encrypt, Matt Barrie, SecurityTrails, The Coming Storm
A spear-phishing attack this week hooked a customer service employee at GoDaddy.com, the world's largest domain name registrar, KrebsOnSecurity has learned. The incident gave the phisher the ability to view and modify ...
Reverse Proxy and TLS Termination
Erik Hjelmvik | | ALPN, certbot, decrypt, http, HTTPS, IMAPS, Let's Encrypt, pcap, PolarProxy, reverse proxy, reverse SSL proxy, reverse TLS proxy, SNI, ssl, TLS, TLS Termination Proxy
PolarProxy is primarily a TLS forward proxy, but it can also be used as a TLS termination proxy or reverse TLS proxy to intercept and decrypt incoming TLS traffic, such as HTTPS ...
IoT Device Attacks, FCC Fines Mobile Carriers, Let’s Encrypt Certificate Bug
Tom Eston | | ajit pai, Cybersecurity, Data breach, Data Privacy, fcc, HTTPS, Internet of things, iot, Let's Encrypt, location data, Mobile, passwords, Podcast, Podcast Episodes, Privacy, smartphone, ssl, T-Mobile, TLS, Weekly Blaze Podcast
In episode 111 for March 9th 2020: A new report shows that attacks on Internet of Things devices are on the rise, the FCC fines major mobile carriers for selling users’ location ...
Let’s Encrypt Says It Will Revoke 3M Certificates Due to Software Bug
David Bisson | | Bug, certificate, IT Security and Data Protection, Latest Security News, Let's Encrypt
Non-profit certificate authority (CA) Let’s Encrypt announced it will revoke more than three million digital certificates due to a software bug. On March 3, Let’s Encrypt revealed its plan to revoke 3,048,289 ...
Chrome to mark HTTP as ‘not secure’
Health Security Solutions | | android, Browsers, Chrome, encryption, google, http, HTTPS, ISP, Let's Encrypt, lighthouse, Mac, security, Web & Cloud, Windows
Google Chrome currently marks HTTPS-encrypted sites with a green lock icon and “Secure” sign. And starting in July, Chrome will mark all HTTP sites as "not secure.” Google hopes this move will ...
Free HTTPS Wildcard Certificates Are Now Available
Lucian Constantin | | CCleaner, HTTPS adoption, Let's Encrypt, Malware, supply chain attack, wildcard certificate
Not-for-profit certificate authority Let’s Encrypt has started issuing wildcard HTTPS certificates for free, allowing organizations with a large number of web assets to significantly simplify their certificate management. Let’s Encrypt has been ...
Security Boulevard