Let's Encrypt has disabled TLS-SNI-01 validation after the discovery of an attack able to hijack certificates using the protocol. The certificate authority, which offers free SSL and TLS certificates ...
What is the ALPACA attack? The application layer protocol content confusion attack (ALPACA) was first disclosed in June and presented at Black Hat USA 2021. To understand ALPACA, it’s helpful to ...
The Certification Authority Browser Forum has voted to reduce Secure Sockets Layer/Transport Layer Security certificates to 47 days by March 2029, in a move that will radically alter existing security ...
SSL/TLS, the protocol that protects security of e-commerce, has taken a beating lately, with news items ranging from the violation of certificate authorities to the discovery of an exploit that beats ...
Every digital transaction—checkout, login, API call—runs on a hidden foundation of millions of machine identities. Transport Layer Security (TLS) certificates, just one type of machine identity, are ...
The Exim mail transfer agent (MTA) software is impacted by a critical severity vulnerability present in versions 4.80 up to and including 4.92.1. The bug allows local or unauthenticated remote ...
SSL.com was mis-issuing SSL certificates by wrongly interpreting email addresses submitted for verification, allowing attackers to potentially impersonate brands and conduct data theft. A flaw in ...