Filter Blogs expand_more
Blog add
Authors add
Solutions add
Product Categories add
13 Results for 'vulnerabilities'
Blog

By Entrust Datacard

September 05, 2014

With the ever-expanding Internet of Things (IOT), Wi-Fi connections can now be found on devices as varied as televisions, baby monitors and light bulbs. Unfortunately for consumers, the rapid growth of the IoT is being matched by an equally fast rise in security concerns. As the IoT continues to grow, businesses cannot ignore the technology, Entrust Datacard recommends steps to protect against the vulnerabilities inherent in it.
Blog

By Entrust Datacard

July 14, 2015

As the transmission of information increases and businesses pursue more mobile-centered options, these developments create risks in addition to possibilities. But the vulnerabilities of an increasingly digital world can be mitigated via the implementation of centralized digital certificate management. As SSLShopper has pointed out, SSL certificates play a huge role in keeping data secure as it is in transit. The principle behind an SSL certificate is it that secures information so that the data being sent is only accessible to the specific recipient. This protects against the risks that could befall insecure data, such as information tampering and spying. In a typical enterprise workflow, privileged data is transmitted frequently. Without SSL, that information immediate becomes vulnerable. Here are three top reasons why SSL certificates are still vital for businesses:
Blog

By Bruce Morton

April 15, 2015

As of April 1st, 2015, the lifetime of SSL certificates has now been reduced to 39 months, in accordance with the CA/Browser Forum Baseline Requirements. Moving forward, consider using shorter life certificates. Even though the maximum validity period is now 39 months, you can drop this validity period to one or two years. Consider the validity period as the backstop to protecting your private key, your website, and your user’s data. But remember one important item, when you renew your certificate, please create a new private key. 
Blog

By Bruce Morton

August 19, 2015

Entrust is providing the SSL Server Compliance Timeline. This timeline will inform you of modifications to the SSL/TLS industry. The SSL Server Compliance Timeline will track industry compliance issues from the CA/Browser Forum and the browser manufacturers. The timeline will track attacks and vulnerabilities. For each item, the timeline will also advise who will take the action and when it has to be addressed. 
Blog

By Bruce Morton

December 14, 2015

Looking Back at 2015 A number of new tactics proved 2015 was no exception to an active year defending against ever increasing security issues. Vendors found new and creative ways to provide vulnerabilities including the now popular man-in-the-middle (MitM) attacks. MitM as well as a host of other new vulnerabilities caused browsers to rethink their security requirements. This article gives a flashback of the exploits and industry changes from 2015 and looks ahead at the latest security requirements and how it impacts IT security teams
Blog

By Bruce Morton

December 02, 2015

Research indicates that SHA-1 signed SSL/TLS certificates face increasing vulnerabilities forcing leading browsers to reconsider how long they will support this technology. This blog outlines dates around the phasing out of SHA-1.
Blog

By Entrust Datacard

December 28, 2015

The progression of cybersecurity mostly occurs in step with the continued evolution of technology in order to ensure that every innovation is as secure as it is functional. As time passes, the level of complexity of information and communication technology continues to introduce new vulnerabilities, presenting cybersecurity professionals with unique challenges. Let's take a look at some of the top cybersecurity trends that lie in wait in 2016.
Blog

By Bruce Morton

July 26, 2016

Emerging vulnerabilities underscore the argument for creating a safer Internet for everyone including domain owners by using HTTPS Everywhere, as called for by Google in 2014. The HTTPoxy vulnerability sends us yet another signal to use HTTPS Everywhere, including internal sites.
Blog

By Bruce Morton

September 19, 2013

Watchers of the SSL industry follow SSL protocol attacks such as BEAST, CRIME, Lucky 13 and RC4 closely. They also track the rare certification authority (CA) attacks such as Comodo or DigiNotar. But they don’t seem to spend much time following attacks to the domain name registration system (DNS).
Blog

By Sandra Carielli

October 20, 2016

Researchers have demonstrated several vulnerabilities in MD5. The IETF has prohibited RC4 for use in TLS. More recently, you may have dealt with the impact of SHA-1 being removed as an acceptable algorithm in many standards, including PCI and CAB Forum, according to Entrust Datacard. 
Page 1 of 2