certificate pinning – Experimental News Clipping Site

Bulletins: Vulnerability Summary for the Week of June 23, 2025

Jun 30, 2025

—

by

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-181 Source: Bulletins Title: Vulnerability Summary for the Week of June 23, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 70mai–M300 A vulnerability was found in 70mai M300 up to 20250611 and classified as critical. Affected by this issue is some unknown functionality of the component Telnet…

CSA: Technical Debt vs. Challenges: Know the Difference

Apr 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.zscaler.com/cxorevolutionaries/insights/knowing-difference-between-two-types-technical-challenges-key-smarter-decisions Source: CSA Title: Technical Debt vs. Challenges: Know the Difference Feedly Summary: AI Summary and Description: Yes Summary: The text outlines the distinction between vendor-related and technology-related challenges in technical problem-solving, specifically highlighting the implications for cybersecurity and infrastructure. It emphasizes the importance of understanding the nature of the problem in order…

Hacker News: Disabling cert checks: we have not learned much

Feb 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://daniel.haxx.se/blog/2025/02/11/disabling-cert-checks-we-have-not-learned-much/ Source: Hacker News Title: Disabling cert checks: we have not learned much Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the critical significance of certificate verification in SSL/TLS communication, particularly highlighting the history and evolution of the curl and libcurl libraries in handling SSL verification. It emphasizes the…

Bulletins: Vulnerability Summary for the Week of January 20, 2025

Jan 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-026 Source: Bulletins Title: Vulnerability Summary for the Week of January 20, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info aEnrich Technology–a+HRD The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database…

Hacker News: F-Droid Fake Signer PoC

Jan 3, 2025

—

by

system automation

in Uncategorized

Source URL: https://github.com/obfusk/fdroid-fakesigner-poc Source: Hacker News Title: F-Droid Fake Signer PoC Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses vulnerabilities in the APK signing process for Android, specifically how certain implementations of fdroidserver and related tools can be exploited, leading to potential bypasses of certificate pinning. This is critical for professionals…

Hacker News: Avoiding downtime: modern alternatives to outdated certificate pinning practices

Sep 29, 2024

—

by

system automation

in Uncategorized

Source URL: https://blog.cloudflare.com/why-certificate-pinning-is-outdated Source: Hacker News Title: Avoiding downtime: modern alternatives to outdated certificate pinning practices Feedly Summary: Comments AI Summary and Description: Yes Summary: The text critically examines the practice of certificate pinning in the evolving landscape of Public Key Infrastructure (PKI). It highlights the risks and management challenges associated with keeping pinned certificates…

Tag: certificate pinning

Bulletins: Vulnerability Summary for the Week of June 23, 2025

CSA: Technical Debt vs. Challenges: Know the Difference

Hacker News: Disabling cert checks: we have not learned much

Bulletins: Vulnerability Summary for the Week of January 20, 2025

Hacker News: F-Droid Fake Signer PoC

Hacker News: Avoiding downtime: modern alternatives to outdated certificate pinning practices