Default title

CERTIFICATES PROVIDE GREAT SECURITY

ONLY IF UNDERSTOOD AND IMPLEMENTED PROPERLY

Secure Certificates protect almost everything on the internet. Whether Symmetric or Asymmetric the foundational technology usually relies on a certificate or key. The key system is usually part of a set of private and public keys used for various purposes and relying on eachother for functionality.

Implementing a certificate is a very well documented process. In many cases it is too well documented and allows for less than qualified person's to effectively demonstrate a skill that they do not fully understand.

In an asymmetric key system the private key is never presented publicly, only public keys are presented to systems who wish to communicate with the target system. This is where a major security problem usually creeps into an otherwise secure system. Many times in my career I have noticed Private Keys left on the System Drives or desktops of mail servers, web servers and Linux Systems. These private keys are the kryptonite to good PKI. Keys should never be left unaccounted for or misplaced. They should be stored offline using secured, audited access methods. Gaining access to the private key of a secured system allows unfettered access to any encrypted communications using that key. This potentially allows access to emails, passwords, queries, bank information etc not because of a technical problem but instead because a lack of process and poor understanding of the technology. It is a purely preventable issue. If your key has been copied because it was left unsecured and is being used to read your encrypted communications there are very few tell-tale signs.

It might be tempting to let more junior people perform your key maintenance it is always advisable to leave anything regarding security safely in the hands of the experts who understand the technology.

RECENT THREAT POSTS

- Tara Seals
Attackers gain read-only permissions to snoop around Office 365 accounts, including emails, contacts and more.
- Lindsey O'Donnell
The Android malware comes from threat group APT-C-23, also known as Two-Tailed Scorpion and Desert Scorpion.
- Tara Seals
The cybercrooks spread the COVID-19 relief scam via Telegram and WhatsApp, and ultimately harvest account credentials and even pics of IDs.
- Lindsey O'Donnell
Despite Microsoft issuing patches almost eight months ago, 61 percent of Exchange servers are still vulnerable.
- Tom Spring
Popular ‘safe browsing’ padlocks are now passe as a majority of bad guys also use them.
- Tara Seals
The attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged.
- Aamir Lakhani
Botnets and IoT devices are forming a perfect storm for IT staff wrestling with WFH employee security.
- Tara Seals
A researcher said he discovered an open data cache with names, grades, birthdates and more, after the Clark County School District refused to pay the ransom.
- Tom Spring
Threatpost's latest poll probes telehealth security risks and asks for IT cures.
- Lindsey O'Donnell
Researchers warn of emails pretending to help business employees upgrade to Windows 10 - and then stealing their Outlook emails and passwords.

Archives

Leave a Reply

Your email address will not be published. Required fields are marked *

three + 3 =