Blog Archives

Important: The experts got the first collision of SHA-1

Rejection of the standard was too slow. On February 23, researchers, members of the Dutch Institute CWI, as well as experts from Google announced that they were able to crack SHA-1 standard in practice. This standard is used to digitally

Posted in Vulnerabilities Tagged with: , , ,

Symantec shared thoughts about cybersecurity in 2017

According to Symantec, the new year will be a new era of cybercrime. The volume of malware will only increase. As the announcement of Symantec, some states may enter into transactions with organized crime in order to gain personal benefit.

Posted in Vulnerabilities Tagged with: , ,

Why cannot ignore security alerts associated with SSL-certificates

Be sure to keep in mind the simple truth: in any case it is impossible to ignore the security notices in your browser. Do not assume that clicking on the “Accept” will necessarily lead to the fact that the site

Posted in Browser Errors, Validation, Vulnerabilities Tagged with: , , , , ,

How exactly will be called the next version of the TLS?

Will there be a version called TLS 1.3, TLS 4 or something else? Work on the next version already being conducted and is expected the final result will be ready in early 2017. It remains only to make small changes

Posted in Vulnerabilities, What is an SSL-Certificate Tagged with: , , , ,

Certificates Transparency: what you should know about it

Recently, we saw a lot of news about the certificates transparency. For example, the Google will make it mandatory in October 2017, and Mozilla has announced that they will support it. What is the general certificates transparency? Let’s start with

Posted in Browser Errors, CA, Validation, Vulnerabilities Tagged with: , , ,

SSL-certificate with SHA1 will be deprecated in 2017

Last days of SHA1 SSL-certificates is coming. Certificates of this type based on a cryptographic hash, which is calculated using the SHA-1 algorithm. Recent studies have shown that the SHA1 algorithm is not as strong as previously thought. Although no

Posted in Browser Errors, CA, Vulnerabilities Tagged with: , , , , ,

What you need to know about the upcoming Google updates security

On the threshold stands a new security update at Google, but it does nothing new for us. Google is actively worked on the protection of the network and users in recent years. Even in 2015, Google moved their promise to

Posted in Browser Errors, CA, Vulnerabilities, What is an SSL-Certificate Tagged with: , , , , ,

Google refused to trust certificates WoSign and StartCom

Following a similar decision taken by Mozilla and Apple, Google decided to abandon the new digital certificates issued by the two certification authorities – WoSign and StartCom. The reason is that these CAs are breaking the rules and industry best

Posted in CA, Validation, Vulnerabilities Tagged with: , , , , , , , , ,

Automating backup for the SSL-certificate: businesses need protection after an incident with Globalsign

Company’s existing online, decided to reduce their dependence on individual CAs using backup automation. A huge number of sites have become unavailable after the cross-certificate was revoked in error during routine maintenance of GlobalSign for the purpose of cleaning some

Posted in CA, Vulnerabilities Tagged with: , , , , , ,

Mozilla reduces the risk of rolling back encryption on Firefox

Over the past year was discovered several methods of attack on the encrypted channels, based on the decrease in the length of the keys to the export level (512-bit). One of them, LogJam, potentially allowing attacker, unlimited in resources, read

Posted in Vulnerabilities Tagged with: , , , ,

All about SSL

This site is dedicated to SSL-certificates. You will learn what is an SSL certificate, how to issue and reissue it. FAQ SSL will be useful for both novices and pros. SSL Knowledgebase contains sections on validation, trust logo, vulnerabilities, SSL-certificates differences by type (Wildcard, EV, DV, etc.), as well as many other things.