DigiCert Blog

All posts under: Vulnerabilities

  1. This Month in SSL: April 2016

    Here is our latest news roundup of articles about network and SSL security. (Click here to see the whole series.) SSL & Encryption Google recently released a list of Certificate Authorities that are not trusted by browsers. Data Breaches A cybercriminal attempted to sell sensitive information for 1.5 million Verizon customers on the black market…


  2. This Month in SSL: March 2016

    Here is our latest news roundup of articles about network and SSL security. (Click here to see the whole series.) SSL & Encryption Security researchers have discovered a flaw dubbed the DROWN vulnerability that allows an attack to decrypt traffic from secure servers supporting SSLv2, which is obsolete. Soon after researchers announced the vulnerability, OpenSSL…


  3. OpenSSL Patches Seven Security Vulnerabilities

    Yesterday morning, OpenSSL released two patches—versions 1.0.2g and 1.0.1s—for seven new security vulnerabilities that were found in OpenSSL versions 1.0.1 and 1.0.2. These patches fix one “high” severity and six “low” severity vulnerabilities. One High Severity Vulnerability The OpenSSL advisory explained that the high severity vulnerability known as DROWN (Decrypting RSA with Obsolete and Weakened…


  4. Preventing the DROWN Attack

    Researchers recently uncovered the DROWN vulnerability in SSL v2. DROWN stands for Decrypting RSA with Obsolete and Weakened encryption. It affects HTTPS and other services that rely on the SSL and TLS protocols. Attackers can use the DROWN vulnerability to break the encryption that is used to protect your sensitive data from prying eyes. If…


  5. Making the Most of Vulnerability Scanners

    While it’s definitely no easy task, regular vulnerability checks are an essential component of any healthy network. The narrow amount of time it takes for hackers to find and exploit vulnerabilities makes these checks crucial in data protection. Likewise, the ever-changing climate of Internet security demands that admins frequently check for vulnerabilities in order to…