Cybersecurity Roundup August 2022

The Security Industry Has Lost a Pioneer 

Peter Eckersley, a co-founder of Let’s Encrypt and a contributing voice at the Electronic Frontier Foundation, has passed away. After a battle with cancer, Peter died last week at the young age of 43.

Peter was a computer scientist whose passion and research impacted data privacy, net neutrality, encryption, online security, and artificial intelligence development. As a driving force behind advanced internet encryption, Peter’s work with the Electronic Frontier Foundation led him to co-found Let’s Encrypt, Certbot and HTTPS Everywhere.

Peter’s work will live on through his research. His latest project was the founding of the AI Objectives Institute, an environment dedicated to building standards and practices around artificial intelligence’s impact on ethics, privacy, and online safety.

Peter was dedicated to making technology safe for humanity. 

Additional information is available here.  

SSL.com Response:
SSL.com shares its condolences with the world. Peter’s work had a significant impact on internet security and privacy. SSL.com supports Peter’s work, taking into account his influence on privacy, encryption, and digital trust.

Los Angeles Unified School District Hacked 

Ransomware attacks are rising. Reports indicate that more than 71 million people were affected in 2021, with recovery costs as high as $18 billion. The numbers for 2022 already show an increase of more than 62% over last year, calculated on attacks that were reported. TechTarget has said that hackers are getting more sophisticated, and ransom demands are more organized. The most significant target is the Education-Research sector.

The latest Government/Education ransomware attack that has gained attention is the Los Angeles Unified School District, the nation’s second largest school district. The attack appears to be the responsibility of the Vice Society, a known ransomware group with ties to Russia. 

The school district is assessing the damage and restoring services while working with the FBI on a response. CISA and the FBI previously warned that the Vice Society was active and targeting the education sector.

The attack is a reminder that all agencies and organizations, government and commercial, are subject to cybersecurity threats and attacks.  Ongoing security monitoring, upgrading systems, and end-user vigilance are a few of the critical measures in slowing security breaches.  

SSL.com Response:
SSL.com provides a layer of cybersecurity trust, enabling multiple levels of encryption and validation as an integral part of a defense-in-depth architecture. While the LA Unified network is extensive, diversified, and protected, the attack is an excellent example of how a small crack in defensive measures can lead to a significant breach. SSL.com S/MIME Certificates (Secure/Multipurpose Internet Mail Extensions) can prevent phishing. The certificate confirms the identity of the sender while encrypting the contents of the email. The second preventative measure is SSL.com Client Authentication certificates, which provide an additional layer of authentication and authorization and can be used with a Single Sign On initiative. Further information on how our Digital Certificates contribute to defense-in-depth can be found here.

There is Hidden Malware in Publicly Available Pictures From the James Webb Telescope

Security researchers discovered malware hidden in the background of publicly available images from the James Webb Telescope. In the attack, dubbed GO#WEBBFUSCATOR, legitimate space photographs hide intrusive and compromising malware code.

The malware is written in Golang, an open-source language developed by Google. Hackers favor Golang because its binaries are large, and large files tend to go undetected by many malware scanners. Golang also works well on Linux, macOS, and Windows.

SSL.com Response:
Hackers are getting more creative as cyber defense layers become more sophisticated and intelligent. While there is no guarantee that defensive measures can stop an attack, SSL.com is working closely with various national and international governmental agencies on a variety of PKI and Digital Certificate projects.

Twilio and Cloudflare Targeted in Massive Phishing Scheme

Twilio and Cloudflare, both respected industry organizations, reported that they were victims of a massive phishing campaign. The campaign stretched to over 130 other organizations, including Okta, a leader in authentication.

The attacks were successful because they were SMS-based, targeting employees with various spam messages and enticements to enter an authentication code as a response. The messages were convincing enough that many employees fell for the scheme, releasing a variety of credentials to the spammers. 

Once credentials were in the hackers’ hands, which included a variety of methods to satisfy two-factor authentication challenges, the hackers had free access to systems within the organization.

The impact was severe. Unfortunately, it proved that the best security software and next-gen firewalls were only minor obstacles.  Social engineering was the culprit. 

SSL.com Response:
Security policies and ongoing training are critical components of a security architecture. A layered approach provides the best protective shell, as long as there is continuing end-user security education and training. SSL.com is a vital ingredient in a defense-in-depth architecture.  In addition, our email S/MIME Certificate provides encrypted and authenticated communications for both private and public entities. Their use promotes email vigilance amongst users. Our Client Authentication Certificate provides an alternative to two-factor authentication and can be used as an integral part of a Single Sign On initiative. Their use promotes controlled access, shielding sensitive data and digital assets from malicious actors.

SSL.com Reminders

OV & IV Code Signing Key Storage Requirements are Changing

With input from most of its membership, the CA/Browser Forum is changing the OV & IV Code Signing Key Storage Requirements. Initially, the change date was November 1, 2022. This date has been put on hold with a later date to be assigned. OV & IV Code Signing Certificates will be issued on Yubico USB Tokens or available via the SSL.com eSigner cloud signing service. Additional information on this change can be found on the CA/Browser Forum website. Learn more about the SSL.com eSigner solution: https://www.ssl.com/esigner/

Organizational Unit Field for SSL/TLS Certificates is Being Deprecated

On August 1, 2022, SSL.com discontinued the use of the Organizational Unit field. This is in response to new guidelines ratified by the CA/Browser Forum. Learn more about this announcement: https://www.ssl.com/article/organizational-unit-ou-field-to-be-deprecated-by-ssl-com/
