Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
5 résultats taggé certificates  ✕
SSL/TLS certificates will last 47 days max by 2029 https://www.theregister.com/2025/04/14/ssl_tls_certificates/
15/04/2025 09:52:37
QRCode
archive.org
thumbnail

CA/Browser Forum – a central body of web browser makers, security certificate issuers, and friends – has voted to cut the maximum lifespan of new SSL/TLS certs to just 47 days by March 15, 2029.

Today the certificates, which underpin things like encrypted HTTPS connections between browsers and websites, are good for up to 398 days before needing to be renewed. Apple put out a proposal last year to cut the maximum time between renewals, and got support from Big Tech pals.

Their argument being that shorter renewal periods mean compromised or stolen certificates can be abused for at the most days or weeks rather than months before expiring. On the one hand, that may mean more purchases from certificate issuers for cert holders; on the other, Let's Encrypt provides perfectly good certificates for free and also helps automate the renewal process.

theregister EN 2025 certificates Browser-Forum SSL/TLS 2029
Ask Fitis, the Bear: Real Crooks Sign Their Malware https://krebsonsecurity.com/2023/06/ask-fitis-the-bear-real-crooks-sign-their-malware/
02/06/2023 09:34:44
QRCode
archive.org

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive…

krebsonsecurity EN 2023 Code-signing trust certificates Megatraffer
Samsung, LG, Mediatek certificates compromised to sign Android malware https://www.bleepingcomputer.com/news/security/samsung-lg-mediatek-certificates-compromised-to-sign-android-malware/
02/12/2022 15:27:16
QRCode
archive.org
thumbnail

Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications have also been used to sign Android apps containing malware.

bleepingcomputer 2022 Android Certificates LG Malware MediaTek Platform-Certificate Samsung
Chromium Blog: Announcing the Launch of the Chrome Root Program https://blog.chromium.org/2022/09/announcing-launch-of-chrome-root-program.html
21/09/2022 23:28:46
QRCode
archive.org
thumbnail

In 2020, we announced we were in the early phases of establishing the Chrome Root Program and launching the Chrome Root Store.

The Chrome Root Program ultimately determines which website certificates are trusted by default in Chrome, and enables more consistent and reliable website certificate validation across platforms.

This post shares an update on our progress and how these changes help us better protect Chrome’s users.

chromium EN 2022 root store certificates trust
Malware now using stolen NVIDIA code signing certificates https://www.bleepingcomputer.com/news/security/malware-now-using-stolen-nvidia-code-signing-certificates/
06/03/2022 10:28:17
QRCode
archive.org
thumbnail

Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows.

This week, NVIDIA confirmed that they suffered a cyberattack that allowed threat actors to steal employee credentials and proprietary data.

bleepingcomputer Nvidia certificates malware EN 2022 code signing
4252 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio