Tag: certificate authority
-
The Cloudflare Blog: Addressing the unauthorized issuance of multiple TLS certificates for 1.1.1.1
Source URL: https://blog.cloudflare.com/unauthorized-issuance-of-certificates-for-1-1-1-1/ Source: The Cloudflare Blog Title: Addressing the unauthorized issuance of multiple TLS certificates for 1.1.1.1 Feedly Summary: Unauthorized TLS certificates were issued for 1.1.1.1 by a Certification Authority without permission from Cloudflare. These rogue certificates have now been revoked. AI Summary and Description: Yes Summary: The text describes a serious incident involving…
-
Cloud Blog: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/prc-nexus-espionage-targets-diplomats/ Source: Cloud Blog Title: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats Feedly Summary: Written by: Patrick Whitsell In March 2025, Google Threat Intelligence Group (GTIG) identified a complex, multifaceted campaign attributed to the PRC-nexus threat actor UNC6384. The campaign targeted diplomats in Southeast Asia and other entities…
-
The Register: Let’s Encrypt rolls out free security certs for IP addresses
Source URL: https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/ Source: The Register Title: Let’s Encrypt rolls out free security certs for IP addresses Feedly Summary: You probably don’t need one, but it’s nice to have the option Let’s Encrypt, a certificate authority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.… AI Summary and Description:…
-
Slashdot: AWS Forms EU-Based Cloud Unit As Customers Fret
Source URL: https://slashdot.org/story/25/06/03/2024222/aws-forms-eu-based-cloud-unit-as-customers-fret?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: AWS Forms EU-Based Cloud Unit As Customers Fret Feedly Summary: AI Summary and Description: Yes Summary: The establishment of the AWS European Sovereign Cloud (ESC) reflects growing European concerns regarding data sovereignty and trust in American tech companies. This initiative highlights AWS’s commitment to strong local controls, privacy, and…
-
The Register: Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps
Source URL: https://www.theregister.com/2025/04/22/ssl_com_validation_flaw/ Source: The Register Title: Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps Feedly Summary: 10 other certificates ‘were mis-issued and have now been revoked’ Certificate issuer SSL.com’s domain validation system had an unfortunate bug that was exploited by miscreants to obtain, without authorization, digital certs for…
-
Cloud Blog: Windows Remote Desktop Protocol: Remote to Rogue
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/windows-rogue-remote-desktop-protocol/ Source: Cloud Blog Title: Windows Remote Desktop Protocol: Remote to Rogue Feedly Summary: Written by: Rohit Nambiar Executive Summary In October 2024, Google Threat Intelligence Group (GTIG) observed a novel phishing campaign targeting European government and military organizations that was attributed to a suspected Russia-nexus espionage actor we track as UNC5837. The…
-
Hacker News: Offline PKI using 3 Yubikeys and an ARM single board computer
Source URL: https://vincent.bernat.ch/en/blog/2025-offline-pki-yubikeys Source: Hacker News Title: Offline PKI using 3 Yubikeys and an ARM single board computer Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the implementation of an offline Public Key Infrastructure (PKI) system using YubiKeys and an air-gapped environment, enhancing security against network threats. This approach is particularly…
-
NCSC Feed: Provisioning and securing security certificates
Source URL: https://www.ncsc.gov.uk/guidance/provisioning-and-securing-security-certificates Source: NCSC Feed Title: Provisioning and securing security certificates Feedly Summary: How certificates should be initially provisioned, and how supporting infrastructure should be securely operated. AI Summary and Description: Yes Summary: The text discusses the implementation and management of X.509v3 certificates and Public Key Infrastructure (PKI) necessary for securing communications in networks.…
-
Hacker News: Certificate Transparency in Firefox: A Big Step for Web Security
Source URL: https://blog.transparency.dev/ct-in-firefox Source: Hacker News Title: Certificate Transparency in Firefox: A Big Step for Web Security Feedly Summary: Comments AI Summary and Description: Yes Summary: The implementation of Certificate Transparency (CT) enforcement in Firefox marks a significant advancement in web security, enhancing protection against certificate fraud and man-in-the-middle attacks. This change demands compliance from…
-
Hacker News: Setting up a trusted, self-signed SSL/TLS certificate authority in Linux
Source URL: https://previnder.com/tls-ca-linux/ Source: Hacker News Title: Setting up a trusted, self-signed SSL/TLS certificate authority in Linux Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text provides a detailed technical guide on generating self-signed TLS certificates using OpenSSL and creating a custom Certificate Authority (CA) for local use, particularly for testing purposes. It…