DigiCert Blog

All posts under: News

  1. Shellshock Bash Bug: What You Need to Know

    Currently known as ‘Shellshock’ or ‘the bash bug,’ the GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271) affects almost all Linux, UNIX, and Mac OS X operating systems (which are based on UNIX). Administrators are being urged to patch immediately as the bug is wide-spread, extremely serious, and attacks exploiting it are easy to implement. There…


  2. Mozilla to Add SHA-1 Security Warnings

    Yesterday Mozilla announced that they too will discontinue trust in sites secured with SHA-1 certificates and will be adding a warning to both the Firefox Web Console and browser starting next year. In their blog post, Mozilla explained the security situation with SHA-1 and stated that they agreed with Microsoft and Google that SHA-1 certificates…


  3. What Is SHA-2 and How the SHA-1 Deprecation Affects You

    SSL Announcement

    SSL pulse currently reports that only 15% sites use SHA-256 certificates as of September 2014. Microsoft announced last year that it would end trust for SHA-1 SSL Certificates after January 1, 2017 to address possible threats in the future. Earlier this month, Google announced they would be adding warning indicators for sites using SHA-1 certificates expiring after…


  4. Android Browser Bug Allows Same Origin Policy Bypass

    The AOSP browser in pre-4.4 Android devices contains a vulnerability that allows hackers to see the contents of other web pages that are open during a browser session. This vulnerability affects a huge number of Android devices in use right now, and there is even a Metasploit module to exploit it. “This is a privacy…