DigiCert Blog

All posts under: Data Security

  1. IoT Security: When Fiction Becomes Reality – Part II

    In my last post, I discussed the need for infosec professionals to reach out to engineering to help bridge the cultural divide and be seen as partners in IoT project success. We need to be humble and help them realize how good security practices are as vital as making sure the switches work. Otherwise, their…


  2. Private Internet 101

    It’s happened to all of us: you spend ten minutes reading about the latest diet trend online and next thing you know, Google ads are telling you to lose weight for weeks. Obnoxious ads using cookies are just one reason that Internet users are concerned about the information being shared by mainstream browsers and search engines—the main…


  3. FREAK Attack: What You Need to Know

    Currently known as ‘FREAK,’ this vulnerability (CVE-2015-0204) allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptography. This export-grade cryptography includes out-of-date encryption key lengths that can then easily be decrypted. This vulnerability does not affect SSL Certificates and does not require any action related to…


  4. IoT Security: When Fiction Becomes Reality – Part I

    It’s always interesting to observe what was once thought to be a far-fetched idea in a work of fiction become reality. Some say Arthur C. Clarke predicted the iPad in his 1968 novel, “2001: A Space Odyssey,” when he named an electronic news source the “Newspad.” In his short story, “Solution Unsatisfactory,” some think…


  5. Superfish-like Behavior Found Again with Komodia and PrivDog

    Since last week’s Superfish revelation, researchers have unveiled additional adware and security applications that also subvert HTTPS and our system of online trust. Komodia/Lavasoft: Komodia is an SSL interception module for Windows that is installing a self-signed CA root certificate onto local operating system root stores. Compounding matters, Komodia uses duplicate digital certificates across all…