#certificate-authorities
#certificate-authorities

[ follow ]

Ars Technica

Privacy professionals

Google calls for halting use of WHOIS for TLS domain verifications

Threat actors can exploit WHOIS data verification to fraudulently obtain TLS certificates, prompting calls for a reevaluation of verification practices. [ more ]

Theregister

2 weeks ago

Information security

How researchers paid $20 and undermined internet integrity

Researchers found a vulnerability in the WHOIS protocol that could undermine certificate authorities and expose systems to potential exploitation.

The migration of WHOIS servers can leave expired domains vulnerable to exploitation, posing security risks for millions of systems. [ more ]

Ars Technica

1 week ago

Privacy professionals

Google calls for halting use of WHOIS for TLS domain verifications

Threat actors can exploit WHOIS data verification to fraudulently obtain TLS certificates, prompting calls for a reevaluation of verification practices. [ more ]

Theregister

2 weeks ago

Information security

How researchers paid $20 and undermined internet integrity

Researchers found a vulnerability in the WHOIS protocol that could undermine certificate authorities and expose systems to potential exploitation.

The migration of WHOIS servers can leave expired domains vulnerable to exploitation, posing security risks for millions of systems. [ more ]

morecybersecurity

[ Load more ]

#certificate-authorities#certificate-authorities

Google calls for halting use of WHOIS for TLS domain verifications

How researchers paid $20 and undermined internet integrity

Google calls for halting use of WHOIS for TLS domain verifications

How researchers paid $20 and undermined internet integrity

#certificate-authorities
#certificate-authorities