DigiCert Blog

  • OpenSSL Patches Seven Security Vulnerabilities

    Yesterday morning, OpenSSL released two patches—versions 1.0.2g and 1.0.1s—for seven new security vulnerabilities that were found in OpenSSL versions 1.0.1 and 1.0.2. These patches fix one “high” severity and six “low” severity vulnerabilities. One High Severity Vulnerability The OpenSSL advisory explained that the high severity vulnerability known as DROWN (Decrypting…


  • Preventing the DROWN Attack

    Researchers recently uncovered the DROWN vulnerability in SSL v2. DROWN stands for Decrypting RSA with Obsolete and Weakened encryption. It affects HTTPS and other services that rely on the SSL and TLS protocols. Attackers can use the DROWN vulnerability to break the encryption that is used to protect your sensitive…


  • This Month in SSL: February 2016

    Here is our latest news roundup of articles about network and SSL security. (Click here to see the whole series.) SSL & Encryption To address the SSL migration dates and the expanding threat landscape, the PCI Security Standards Council will be releasing PCI DDS version 3.2 earlier than the usual…


  • What to Expect from the RSA Security Conference

    In less than a week, the RSA Conference will celebrate its 25th anniversary, gathering more than 30,000 attendees in San Francisco’s Moscone Center for annual favorites such as the Cryptographers’ Panel, big name keynotes, hacking demos, and lively after-hour parties. RSA will feature over 400 expert-led sessions and 500 exhibitors,…


  • Safety in a Good Password

    Max Nisen with Business Insider has pointed out that frankly, our society has become “Internet obsessed.” The Internet has become a necessary resource in the workplace and in education. People who use the Internet just for leisure can log up to 100 minutes a day, and that rapidly growing number…