ZDNet

Let's Encrypt disables TLS-SNI-01 validation

Let's Encrypt has disabled TLS-SNI-01 validation after the discovery of an attack able to hijack certificates using the protocol. The certificate authority, which offers free SSL and TLS certificates ...
SiliconANGLE

Security certificate lifespans to be reduced to 47 days by 2029 under new industry standard

The Certification Authority Browser Forum has voted to reduce Secure Sockets Layer/Transport Layer Security certificates to 47 days by March 2029, in a move that will radically alter existing security ...
CSOonline

Wildcard Certificate Risks and the ALPACA TLS Attack

What is the ALPACA attack? The application layer protocol content confusion attack (ALPACA) was first disclosed in June and presented at Black Hat USA 2021. To understand ALPACA, it’s helpful to ...
Forbes

Digital Groundhog Day: The 47-Day TLS Certificate Mandate You Can’t Escape

Every digital transaction—checkout, login, API call—runs on a hidden foundation of millions of machine identities. Transport Layer Security (TLS) certificates, just one type of machine identity, are ...
Network World

Father of SSL says despite attacks, the security linchpin has lots of life left

SSL/TLS, the protocol that protects security of e-commerce, has taken a beating lately, with news items ranging from the violation of certificate authorities to the discovery of an exploit that beats ...
cio.economictimes.indiatimes

What every CIO needs to know about the new 47-day certificate rule

India’s digital economy has scaled rapidly, with organisations across sectors accelerating transformation through cloud adoption, digital platforms, and AI-powered services. At the heart of this ...