Here is our latest news roundup of articles about network and TLS/SSL security. Click here to see the whole series..
TLS News
- In September the number of web certificates in use surpassed 100 million for the first time. According to Netcraft, there were 100,323,811 valid certificates, an increase of 1.39% since August.
- in both iOS and macOS. Currently, TLS 1.0 and 1.1 are not supported in iOS 15 and macOS 12, but all support will be removed in the future.
- Let’s Encrypt’s root certificate, IdentTrust DST Root CA X3, expired Any devices that do not trust the new the ISRG Root X1 root certificate will experience warnings on any sites with Let’s Encrypt certificates after Sept. 30.
- The EFF announced plans to since HTTPS has been widely adopted.
Data breaches
- A hacktivist group known as Anonymous claimed to from web hosting company Epik, which services many right-wing clients.
Vulnerabilities
- Sept. 13 for a vulnerability in iPhone, iPad, Apple Watches and Mac Computers that allowed an advanced form of spyware from NSO Group, an Israeli company.
- An attacker released nearly 90,000 credential sets for Users should reset their passwords to protect against network attacks.
Government regulation
- The U.S. Office of Management and Budget released a draft of the which will help move government agencies to a baseline of zero trust.
- issued security guidance for companies to curb cyberattacks, especially following the recent hacks on U.S. companies.
Malware
- Microsoft researchers discovered a new malware that has left open a The attackers are said to be the
- For the first time, a through Linux binaries.
- A phishing campaign that targeted the aviation industry with malware has Although the malware is not particularly advanced, it shows how small-scale attackers can manage to go under the radar for long periods of time without being detected.
Digital Signatures
- Due to the lack of the Swiss electronic signature being recognized in the EU, a this month. The signer used a digital signature, but not one that is valid across boarders within EU states.
- Employees are for due to a legal dispute over electronic signatures.
Internet of Things
- found that the Internet of Things is missing product legislation for cybersecurity and lacks monitoring throughout a product’s lifecycle. The researchers recommend that the EU Commission launches proposals for legislation as soon as possible.