Default title

CERTIFICATES PROVIDE GREAT SECURITY

ONLY IF UNDERSTOOD AND IMPLEMENTED PROPERLY

Secure Certificates protect almost everything on the internet. Whether Symmetric or Asymmetric the foundational technology usually relies on a certificate or key. The key system is usually part of a set of private and public keys used for various purposes and relying on eachother for functionality.

Implementing a certificate is a very well documented process. In many cases it is too well documented and allows for less than qualified person's to effectively demonstrate a skill that they do not fully understand.

In an asymmetric key system the private key is never presented publicly, only public keys are presented to systems who wish to communicate with the target system. This is where a major security problem usually creeps into an otherwise secure system. Many times in my career I have noticed Private Keys left on the System Drives or desktops of mail servers, web servers and Linux Systems. These private keys are the kryptonite to good PKI. Keys should never be left unaccounted for or misplaced. They should be stored offline using secured, audited access methods. Gaining access to the private key of a secured system allows unfettered access to any encrypted communications using that key. This potentially allows access to emails, passwords, queries, bank information etc not because of a technical problem but instead because a lack of process and poor understanding of the technology. It is a purely preventable issue. If your key has been copied because it was left unsecured and is being used to read your encrypted communications there are very few tell-tale signs.

It might be tempting to let more junior people perform your key maintenance it is always advisable to leave anything regarding security safely in the hands of the experts who understand the technology.

RECENT THREAT POSTS

- Tara Seals
BazarLoader Malware Abuses Slack, BaseCamp Clouds
Two cyberattack campaigns are making the rounds using unique social-engineering techniques.
- Becky Bracken
iOS Kids Game Morphs into Underground Crypto Casino
A malicious ‘Jungle Run’ app tricked security protections to make it into the Apple App Store, scamming users out of money with a casino-like functionality.
- Tara Seals
NSA: 5 Security Bugs Under Active Nation-State Cyberattack
Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more.
- Matt Bromiley
Mandiant Front Lines: How to Tackle Exchange Exploits
Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections.
- Elizabeth Montalbano
Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period
The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes.
- Becky Bracken
Biden Races to Shore Up Power Grid Against Hacks
A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said.
- Tara Seals
Gafgyt Botnet Lifts DDoS Tricks from Mirai
The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices.
- Elizabeth Montalbano
Attackers Target ProxyLogon Exploit to Install Cryptojacker
Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered.
- Tara Seals
Security Bug Allows Attackers to Brick Kubernetes Clusters
The vulnerability is triggered when a cloud container pulls a malicious image from a registry.
- Becky Bracken
Ransomware Attack Creates Cheese Shortages in Netherlands
Not a Gouda situation: An attack on a logistics firm is suspected to be related to Microsoft Exchange server flaw.

Archives

Leave a Reply

Your email address will not be published. Required fields are marked *

12 − 11 =