DigiCert Blog

The DigiCert Blog

  • OpenSSL Patches “Critical” & “Moderate” Security Vulnerabilities

    warningtriangle_red3_smaller

    Early this morning, the OpenSSL project team released two security patches—1.1.0b, and 1.0.2j—for two security vulnerabilities discovered in OpenSSL. These two new patches fix a “critical” severity vulnerability found in version 1.1.0a and a “moderate” severity vulnerability found in versions 1.0.2i. Neither of these bugs affect your SSL/TLS Certificates, and…


  • OpenSSL Patches 14 Security Vulnerabilities

    warningtriangle_red3_smaller

    Early this morning, the OpenSSL project team released three security patches—1.1.0a, 1.0.2i,  and 1.0.1u—for 14 security vulnerabilities discovered in OpenSSL. These three new patches fix one “high” severity, one “moderate” severity, and 12 “low” severity vulnerabilities. None of these bugs affect your SSL/TLS Certificates, and no actions are required related…


  • This Month in SSL: August 2016

    sslnews

    Here is our latest news roundup of articles about network and SSL security. (Click here to see the whole series.) SSL & Encryption New research released at Black Hat USA 2016 revealed major vulnerabilities in HTTP/2 protocol. Data Breaches A data breach caused by an employee at Sage U.K. software emphasized…


  • Sweet32 Birthday Attack: What You Need to Know

    shutterstock_454954024

    Today, researchers announced the Sweet32 Birthday attack, which affects the triple-DES cipher. Although the OpenSSL team rated the triple-DES vulnerability as low, they stated “triple-DES should now be considered as ‘bad’ as RC4.” DigiCert security experts as well as other security pros recommend disabling any triple-DES cipher on your servers. The Sweet32…