ÃÛÌÒTV

News 02-02-2022

Latest News In TLS/SSL : January 2022

ÃÛÌÒTV

Here is our latest news roundup of articles about network and TLS/SSL security. Click here to see the whole series.

TLS news

  • TLS certificates issued within the past three months from Let’s Encrypt may need to be . This revocation could impact millions of certificates. Read more about what happens when certificates must be revoked and why in our Guide to TLS Certificate Revocations.

Data security

  • in January that warn users of suspicious files that could be phishing or malware.

Data breaches

  • In 2021, , rising 68% from previous years. The Identity Theft Resource Center reported 1,862 data breaches in 2021, significantly higher than the previous record of 1,506 in 2017. Furthermore, the report found that and warns that both individuals and businesses are at risk.

Vulnerabilities

  • A flaw that Microsoft fixed almost a decade ago is , recently affecting over 2,000 victims in over 100 different countries. Hackers use the nine-year-old flaw to plant malware, dubbed ZLoader, onto devices by modifying a dynamic-link library (DLL) file that is digitally signed by Microsoft.
  • Researchers warned that a flaw in all major Linux systems could be exploited to gain access to .

Ransomware

  • Hacktivists claimed to have to stop Russia from advancing into the country. On Twitter, they announced that they would only offer the decryption key if Belarus President Alexander Lukashenko agreed to stop aiding Russian troops and released political prisoners in need of medical assistance. This attack is the first of its kind to be used in this way.

Quantum computing

  • Researchers from the University of Sussex, UK, have found that cryptocurrencies like bitcoin are a long way away from being at risk to quantum attacks. Quantum computers would need to be than they currently are to break the cryptographic algorithm that secures bitcoin, which could take a decade to become a reality, according to the researchers.

Government regulation

  • The U.S. held a meeting of both government and private stakeholders in January to discuss ways to improve the security of open source software. Proposed plans include integrating security into development tools and using best practices like code signing, strong digital identities and informing the public of what is in the software they purchase and use. This is one of many discussions that have taken place since President Biden made software security a national priority.
  • Britain launched its first ever . This will make it easier for the public to report cyber vulnerabilities and attacks and includes investments into protecting Britain’s public services from cyber threats.
UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

11-27-2024

6 actionable ways to secure the IIoT at every stage

Tracking the progress toward post-quantum cryptography

The state of PQC since the publication of FIPS 203, 204 and 205