Home / Early Warning / Cybersecurity Highlights / Filter / Cybersecurity Highlights
Subscribe to CERTSI - Cybersecurity Highlights RSS

Cybersecurity Highlights

This section registers the most relevant incidents or public events related to the cybersecurity and information and communication technologies (ICT), in a way that a chronological history of them is available, together with their main links, references and information sources.
Post related to: SSL/TLS

DST Root CA X3 certificate has expired

09/20/2021
Let’s Encrypt, a non-profit company dedicated to issue SSL certificates, has confirmed that its root certificate, DST Root CA X3, has expired last 30 September, being replacing by the new ISRG Root...

Let’s Encrypt bug in issuance of certificates

02/29/2020
The certification authority, Let’s Encrypt, has reported a bug in its CAA (Certification Authority Authorization) code, specifically on Boulder, the CA (Certification Authority) software...

Google announces a method to create SHA1 collisions

02/23/2017
A joint research between Google and the Dutch Institute CWI has managed to create a technique to generate two different PDF files with the same SHA-1 hash. According to Google, the possibility of...

Logjam, another SSL vulnerability

05/20/2015
The Diffie-Hellman protocol, used for key exchangement by others such as HTTPS, SSH IPSec and any other based on TLS, is affected by a vulnerability that allows a MITM attacker downgrade cyphering...

Bar Mitzvah: attacking RC4 to compromise SSL/TLS

03/26/2015
A new attack against a weak RC4 functions allows attacker to decipher data into a ciphered SSL/TLS connection. Unlike the previous attacks involving SSL, this does not need an active connection and...

Pages