The Hacker News — Most Popular Cyber Security, Hacking News Site: digital Certificate

Stolen D-Link Certificate Used to Digitally Sign Spying Malware

Stolen D-Link Certificate Used to Digitally Sign Spying Malware

July 09, 2018Swati Khandelwal
Digitally signed malware has become much more common in recent years to mask malicious intentions. Security researchers have discover...
The Rise of Super-Stealthy Digitally Signed Malware—Thanks to the Dark Web

The Rise of Super-Stealthy Digitally Signed Malware—Thanks to the Dark Web

November 05, 2017Swati Khandelwal
Guess what's more expensive than counterfeit United States passports, stolen credit cards and even guns on the dark web? It's d...
Critical DoS Flaw found in OpenSSL — How It Works

Critical DoS Flaw found in OpenSSL — How It Works

September 23, 2016Swati Khandelwal
The OpenSSL Foundation has patched over a dozen vulnerabilities in its cryptographic code library, including a high severity bug that can be...
Chinese Certificate Authority 'mistakenly' gave out SSL Certs for GitHub Domains

Chinese Certificate Authority 'mistakenly' gave out SSL Certs for GitHub Domains

August 29, 2016Swati Khandelwal
A Chinese certificate authority (CA) appeared to be making a significant security blunder by handing out duplicate SSL certificates for a...
What is Certificate Transparency? How It helps Detect Fake SSL Certificates

What is Certificate Transparency? How It helps Detect Fake SSL Certificates

April 11, 2016Swati Khandelwal
Do you know there is a huge encryption backdoor still exists on the Internet that most people don't know about? I am talking abo...
Let's Encrypt Project issues its First Free SSL/TLS Certificate

Let's Encrypt Project issues its First Free SSL/TLS Certificate

September 15, 2015Swati Khandelwal
Last fall the non-profit foundation EFF ( Electronic Frontier Foundation ) launched an initiative called Let's Encrypt that aimed...
Free Encryption Project to issue First SSL/TLS Certificates Next Month

Free Encryption Project to issue First SSL/TLS Certificates Next Month

June 19, 2015Swati Khandelwal
Let's Encrypt , a project aimed to provide free-of-charge and easier-to-implement way to obtain and use a digital cryptographic cert...
Chinese Government Executes MITM Attack against iCloud

Chinese Government Executes MITM Attack against iCloud

October 20, 2014Mohit Kumar
Apple iCloud users in China are not safe from the hackers — believed to be working for Chinese government — who are trying to wiretap Ap...
POODLE SSL 3.0 Attack Exploits Widely-used Web Encryption Standard

POODLE SSL 3.0 Attack Exploits Widely-used Web Encryption Standard

October 14, 2014Wang Wei
Another Heartbleed-like vulnerability has been discovered in the decade old but still widely used Secure Sockets Layer ( SSL ) 3.0 cryptogra...
Android "Fake ID" Vulnerability Allows Malware to Impersonate Trusted Apps

Android "Fake ID" Vulnerability Allows Malware to Impersonate Trusted Apps

July 29, 2014Swati Khandelwal
Due to the majority in the mobile platform, Google’s Android operating system has been a prior target for cybercriminals and a recently...
Gmail App for iOS leaves Users vulnerable to Man-in-the-Middle Attacks

Gmail App for iOS leaves Users vulnerable to Man-in-the-Middle Attacks

July 11, 2014Swati Khandelwal
Google has failed to provide a very important security measure in its Gmail application for iOS that left millions of its Apple device u...
Google catches Indian Government Agency with Fake Digital Certificates

Google catches Indian Government Agency with Fake Digital Certificates

July 09, 2014Swati Khandelwal
Google has identified and blocked unauthorized digital certificates for a number of its domains issued by the National Informatics Cent...
Fake Digital Certificates Found in the Wild While Observing Facebook SSL Connections

Fake Digital Certificates Found in the Wild While Observing Facebook SSL Connections

May 11, 2014Swati Khandelwal
Visiting a website certified with an SSL certificate doesn’t mean that the website is not bogus. Secure Sockets Layer (SSL) protect the ...
Beware of Zeus Banking Trojan Signed With Valid Digital Signature

Beware of Zeus Banking Trojan Signed With Valid Digital Signature

April 06, 2014Anonymous
A new dangerous variant of ZeuS Banking Trojan has been identified by Comodo AV labs which is signed by stolen Digital Certificate whi...
98% of SSL enabled websites still using SHA-1 based weak Digital Certificates

98% of SSL enabled websites still using SHA-1 based weak Digital Certificates

February 06, 2014Anonymous
The National Institute of Standards and Technology (NIST) had published a document on Jan 2011 that the SHA-1 algorithm will be risky and ...