The Last Watchdog

AUGUST 8, 2023

8, 2023 – DigiCert today announced the expansion of its certificate management platform, DigiCert Trust Lifecycle Manager, to provide full lifecycle support for multiple CAs including Microsoft CA and AWS Private CA, as well as integration with ServiceNow to support existing IT service workflows. Lehi, Utah, Aug.

Authentication 100

Authentication Technology VPN Software 100

Malwarebytes

JULY 29, 2021

So, pass the hash is the name for a technique that allows an attacker to authenticate to a remote server or service by using the hash of a user’s password, instead of requiring the associated plaintext password as is normally the case. Enable EPA for Certificate Enrollment Web Service, “Required” being the more secure and recommended option.

Authentication 135

Authentication Passwords Encryption System Administration 135

The Hacker News

OCTOBER 28, 2023

ru), an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode (a subsidiary of Akamai) in Germany. The attacker has issued several new TLS certificates using Let's Encrypt service which were used to hijack encrypted STARTTLS ru (aka xmpp[.]ru),

Encryption 115

Encryption 115

Krebs on Security

AUGUST 9, 2022

Redmond also addressed multiple flaws in Exchange Server — including one that was disclosed publicly prior to today — and it is urging organizations that use Exchange for email to update as soon as possible and to enable additional protections. See Microsoft’s blog post on the Exchange Server updates for more details.

Authentication 230

Authentication Internet Internet Cyber threats 230

Security Boulevard

MARCH 22, 2024

SSH (Secure Shell) is a secure communication protocol widely used to enable secure access to remote devices and servers over an unsecured network like the Internet. stands as a strong and reliable guardian of data integrity and confidentiality.

Internet 61

Internet Internet Authentication 61

Security Affairs

FEBRUARY 18, 2024

and earlier from the respective version family ESET Server Security for Windows Server (formerly File Security for Microsoft Windows Server) 10.0.12014.0, and earlier from the respective version family ESET Mail Security for Microsoft Exchange Server 10.1.10010.0, 10.0.10017.0, 10.0.10017.0, 10.0.10017.0,

Antivirus 136

Antivirus Internet Internet Cybersecurity 136

Schneier on Security

MARCH 16, 2022

Printer users can use the keys to generate a Certificate Signing Request. Böck also found four vulnerable PGP keys, typically used to encrypt email, on SKS PGP key servers. Some of the keys are from printers from two manufacturers, Canon and Fujifilm (originally branded as Fuji Xerox). The weak Canon keys are tracked as CVE-2022-26351.

Manufacturing 263

Manufacturing Encryption 263

Security Affairs

APRIL 11, 2024

The issues impact Microsoft Windows and Windows Components; Office and Office Components; Azure; NET Framework and Visual Studio; SQL Server; DNS Server; Windows Defender; Bitlocker; and Windows Secure Boot. This is the highest number of fixed issues from Microsoft this year and the largest since at least 2017.

Malware 121

Malware DNS Mobile Software 121

Security Affairs

APRIL 10, 2024

The issues impact Microsoft Windows and Windows Components; Office and Office Components; Azure; NET Framework and Visual Studio; SQL Server; DNS Server; Windows Defender; Bitlocker; and Windows Secure Boot. CVE-2024-26221 – Windows DNS Server Remote Code Execution Vulnerability.

DNS 111

DNS Authentication Hacking 111

Security Affairs

NOVEMBER 25, 2023

MagicLine4NX is a joint certificate program developed by Dream Security, a South Korean company. It enables users to perform logins with a joint certificate and digitally sign transactions. Following that, the threat actors illicitly accessed an internet-side server from a network-connected PC by exploiting a system vulnerability.

Software 119

Software Authentication Internet Internet 119

Google Security

MARCH 2, 2023

Andy Warner, Google Trust Services, and Carl Krauss, Product Manager, Google Domains We’re excited to announce changes that make getting Google Trust Services TLS certificates easier for Google Domains customers. Using ACME ensures your certificates are renewed automatically and many hosting services already support ACME.

DNS 94

DNS Accountability Authentication Internet 94

Tech Republic Security

AUGUST 26, 2021

If you need to generate quick SSL certificates for test servers and services, mkcert might be the fastest option available. Jack Wallen shows you how to use this handy tool.

145

145

Security Boulevard

JANUARY 11, 2024

Digital certificates like Secure Sockets Layer / Transport Layer Security (SSL / TLS) help secure online communication by authenticating web servers and encrypting messages. The post How the Online Certificate Status Protocol and OCSP Stapling work & more appeared first on Security Boulevard.

Authentication 57

Authentication Encryption 57

Bleeping Computer

SEPTEMBER 20, 2021

Threat actors are compromising Windows IIS servers to add expired certificate notification pages that prompt visitors to download a malicious fake installer. [.].

Hacking 141

Hacking 141

Security Affairs

FEBRUARY 2, 2022

509 certificate (and corresponding private key). The certificate is used to establish a communication with the server before the agent is activated. “The Trend Micro Deep Security Agent authenticates remote servers using mutual TLS (mTLS): Both the server and the agent identify each other by presenting a certificate.

Software 93

Software Authentication Hacking Cybersecurity 93

Schneier on Security

OCTOBER 23, 2019

There was a successful attack against NordVPN: Based on the command log, another of the leaked secret keys appeared to secure a private certificate authority that NordVPN used to issue digital certificates. Those certificates might be issued for other servers in NordVPN's network or for a variety of other sensitive purposes.

VPN 127

VPN Encryption Internet Internet 127

The Last Watchdog

APRIL 21, 2021

Someone reportedly forgot to renew Spotify’s TLS certificate. The outage lasted about an hour, until the certificate in question got renewed. If Spotify has an excuse, it is that the complexity of issuing and managing digital certificates has become prodigious. Here are key takeaways: PKI on centerstage.

Digital transformation 211

Digital transformation Encryption Authentication Government 211

Security Affairs

APRIL 24, 2024

The infection process begins when eScan requests an update from the update server. GuptiMiner connects directly to malicious DNS servers, bypassing the DNS network entirely. Although the servers requested by GuptiMiner exist, it’s likely an evasion tactic. ” reads the analysis published by Avast.

Antivirus 110

Antivirus Malware DNS Cryptocurrency 110

CSO Magazine

NOVEMBER 1, 2022

Organizations should still determine which of their applications and servers are impacted and deploy the patches as soon as possible. 509 certificate verification. 509 certificates, also commonly known as SSL/TLS certificates. The vulnerabilities affect all versions of OpenSSL 3.0, Buffer overflows in X.509

DNS 119

DNS 119

Security Affairs

APRIL 10, 2024

The issues impact Microsoft Windows and Windows Components; Office and Office Components; Azure; NET Framework and Visual Studio; SQL Server; DNS Server; Windows Defender; Bitlocker; and Windows Secure Boot. CVE-2024-26221 – Windows DNS Server Remote Code Execution Vulnerability.

DNS 88

DNS Authentication Hacking 88

Security Affairs

SEPTEMBER 25, 2020

This choice could allow an attacker to present a valid SSL certificate and carry out man-in-the-middle (MitM) attacks on employees’ connections. Validity – A date this certificate is valid through Issuer information – Information about the issuer of the certificate (the same entity that signed the certificate).

VPN 111

VPN Hacking IoT Advertising 111

Security Affairs

AUGUST 25, 2022

FoggyWeb allows operators to exfiltrate the configuration database of compromised AD FS servers, decrypt token-signing certificates and token-decryption certificates , and download and execute additional malware components. ” reads the analysis published by Microsoft. ” concludes the report.

Malware 122

Malware Authentication Telecommunications Government 122

The Hacker News

JANUARY 28, 2023

Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads.

92

92

Krebs on Security

MARCH 28, 2021

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. “web shells”) that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers.

Hacking 347

Hacking Cybercrime DNS Antivirus 347

Tech Republic Security

SEPTEMBER 13, 2021

If you need to generate quick SSL certificates for test servers and services, this might be the fastest option available. Jack Wallen shows you how to use mkcert.

114

114

The Last Watchdog

JUNE 1, 2021

The Pharming attacks are carried out by modifying the settings on the victim’s system or compromising the DNS server. The second way to redirect traffic is by exploiting the DNS server vulnerabilities and poisoning the DNS. The good thing is that the DNS servers are tough to exploit as they have a good defense mechanism.

DNS 210

DNS Phishing Social Engineering Cyber Attacks 210

Bleeping Computer

OCTOBER 11, 2021

National Security Agency (NSA) is warning of the dangers stemming from the use of broadly-scoped certificates to authenticate multiple servers in an organization. These include a recently disclosed ALPACA technique that could be used for various traffic redirect attacks. [.].

Risk 134

Risk Authentication 134

Security Affairs

MARCH 25, 2021

The OpenSSL Project addresses two high-severity vulnerabilities, including one related to verifying a certificate chain and one that can trigger a DoS condition. An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. The issue affects servers running OpenSSL 1.1.1

Hacking 126

Hacking Information Security Malware 126

Malwarebytes

SEPTEMBER 15, 2021

Secure Sockets Layer (SSL) certificates are what cause your browser to display a padlock icon, indicating that your connection to a websites is secure. Although the padlock may soon be hidden from view , certificates aren’t going anywhere. What is the purpose of SSL certificates? How do SSL certificates work?

Encryption 97

Encryption Authentication Engineering Phishing 97

Security Affairs

APRIL 30, 2022

Researchers discovered flaws in the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. Microsoft addressed a couple of vulnerabilities impacting the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region.

Authentication 98

Authentication Accountability Hacking Cybersecurity 98

Security Boulevard

MAY 7, 2021

Every day thousands of SSL certificates expire. Our websites stay secure, our servers keep humming, and it’s business as usual. Another SSL certificate expires. In this blog, we’ll unpack why certificates expire, what happens when they do, and how to respond effectively. Then it happens. What happens next?

103

103

Approachable Cyber Threats

JULY 3, 2023

” At the beginning of the internet’s popularity, HTTP (Hypertext Transfer Protocol), was used to transmit data between clients (web browsers) and web servers. However, any data transmitted between the client and server was not protected. How are SSL and TLS involved in this?”

Internet 96

Internet Internet Encryption Cybersecurity 96

SecureList

JULY 28, 2023

One of the most complex yet effective methods of gaining unauthorized access to corporate network resources is an attack using forged certificates. Attackers create such certificates to fool the Key Distribution Center (KDC) into granting access to the target company’s network. But there is an alternative way.

Authentication 70

Authentication Passwords Accountability Software 70

Google Security

AUGUST 10, 2023

Effectively, this means that in situations where the browser process needs access to data from external sources, it must be read from Google servers. For features like this, that communication can be considered trustworthy if it comes from a pinned HTTPS server. Chrome verifies the certificate before continuing.

Risk 79

Risk Authentication Architecture Backups 79

Security Affairs

DECEMBER 1, 2021

Network Security Services ( NSS ) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. 509 v3 certificates, and other security standards. Applications using NSS for certificate validation or other TLS, X.509, Follow me on Twitter: @securityaffairs and Facebook.

Network Security 127

Network Security Hacking Information Security 127

Security Boulevard

JANUARY 11, 2024

Digital certificates, used with the protocol ‘TLS’ (Transport Layer Security, previously known as ‘SSL’ or Secure Socket Layers) establish secure connections between your web server and the browsers visitors use to view your site. They ensure the user’s browser regards your site as authentic and not as a cybersecurity threat.

Authentication 57

Authentication Cybersecurity 57

CyberSecurity Insiders

DECEMBER 2, 2022

In other news related to the malware and stealing info from android OS loaded devices, some hackers are found using platform certificates often used by OEM vendors to digitally sign core systems apps.

Accountability 115

Accountability Malware Education Software 115