DigiCert Blog

All posts under: Vulnerabilities

  1. OpenSSL Patches a “High” Severity Security Vulnerability

    Earlier this morning, OpenSSL released a security patch to fix a new vulnerability discovered in OpenSSL versions 1.0.2 and 1.0.1. This patch fixes one high severity vulnerability, which primarily affects clients. This bug does not affect private keys for DigiCert SSL Certificates, and no action related to certificate management is required. During certificate verification, OpenSSL (starting…


  2. Governments Rank Last in 2015 Software Security Report

    While the healthcare industry’s lack of security infrastructure has dominated much of the conversations about security in 2015, these conversations have failed to acknowledge that government institutions rank even lower in security procedures. In an article published recently by CSO Online, writer Maria Korolov reports the results of Veracode’s 2015 State of Software Security Report. The report…


  3. OpenSSL Patches Six Security Vulnerabilities

    This morning, OpenSSL released six security patches—versions 1.0.2b, 1.0.1n, 1.0.0s, and 0.9.8zg—for new security vulnerabilities discovered in OpenSSL. These patches fix six vulnerabilities: five are rated moderate risk and one is classified as low risk. For a full list, see the OpenSSL advisory. None of these bugs affects SSL Certificates; no action related to certificate management is required.…


  4. Logjam Attack: What You Need to Know

    Called the Logjam attack, this new potential vulnerability allows an attacker to intercept HTTPS connections between vulnerable clients (browsers) and servers and force them to downgrade the connection to 512-bit export-grade cryptography. The attacker can then read and change any data passed through this connection. The attack is similar to the FREAK attack because it…


  5. Understanding the Google Chrome Connection Tab

    Chrome has made changes to the Connection Tab in Chrome 44. For the updated blog post, click here. The yellow triangle or red ‘X’ icons in Google Chrome’s “Connection” Tab are alarming and can be difficult to understand. Below are four brief explanations about what causes the warnings and some tips for resolving related problems. Public Audit…