We hope you will find the Google translation service helpful, but we don't promise that Google's translation will be accurate or complete. You should not rely on Google's translation. English is the official language of our site.
Subscribe to SSL.com’s newsletter, stay informed and secure.
Copy article link
Machine Identities Are Critical for Cybersecurity
In today’s connected world, robots, intelligent machines, and various automated devices outnumber humans using the Internet. While multiple layers of security are built into networks, a major component is the level of digital trust applied to validating identity. While it is a known process for humans, validating machines is more challenging.
According to a recent article inSC Magazine, with the number of devices on the net, security certificate management is a complex initiative unless organizations implement a unified methodology ensuring security certificates stay valid and up to date.
The article is derived from a poll administered by the Ponemon Institute, which surveyed more than 1200 security professionals dispersed over multiple industries.
The article indicates that over 80% of the respondents experienced multiple operational disruptions due to expired certificates. While the level of security protection was good, once a certificate expires devices in question are typically taken off line, till remediation can take place. The mitigation process to restore can take over 3 hours once it’s identified. The process disrupts operations, which is costly.
Machine identities rely on digital certificates, and encryption technology deployed through SSL/TLS Certificates with an ongoing emphasis on PKI.
Security researchers predict that device security compromises will increase. Most of the issues will be related to a lack of good certificate management. With > 100 billion IoT devices connected to the internet, security organizations must consider a certificate management platform.
SSL.comhas tools, partners and processes to help mitigate and reduce operational downtime due to untimely expirations.
SSL.comResponse
SSL.com is very active in securing IoT devices with a suite of solutions designed for various devices and configurations. SSL.com provides:
Reports of Malware Disguised as Productivity Apps Are Showing Up in The Google Play Store
Trend Micro recently reported that malicious dropper apps are appearing in The Google Play Store disguised as business productivity apps. Unfortunately, the apps slipped through Google’s security screening and are droppers for privacy-invading malware, trojans, and keyloggers. Once downloaded, the malware embeds itself on the endpoint device and collects and transmits private user data to its home base.
The apps have allegedly been removed from the Play Store but may persist on personal devices. According to an online report inThe Hacker News, Cybercriminals are becoming more adept at evading detection while infecting as many devices as possible. The apps are:
SSL.comResponse
While Google has its own approval process for submitting apps into The Play Store, SSL.com offers the ability to secure code from tampering throughCode Signingwith a verified globally trusted identity.SSL.comcode signing certificates can be enabled for remote cloud signing.
Additional information is available here:https://www.ssl.com/certificates/ev-code-signing/ .
Schools Are Not Immune to Ransomware Attacks
Infosecurity-Magazine.comrecently reported a ransomware attack targeting an Upper School in Bedfordshire, England. The attack had little impact on operations, however the compromise of student data was problematic. A ransom has been demanded and authorities are calculating their next move. The attack brought to attention widespread technology vulnerabilities, which will be reviewed in the upcoming months.
According toPalo Alto Networks Unit 42 Threat Report, ransomware attacks increased by 144% between 2020 and 2021. The trend points to higher numbers in 2022 once the year ends. Threat actors are increasing their coverage and demands with new victims being identified every four hours.
Additional information can be found here: https://www.infosecurity-magazine.com/news/ransomware-group-500000-school/SSL.comResponse
Most ransomware attacks originate through malicious email attachments and unauthorized weblinks.SSL.comoffersS/MIMEandClientAuthcertificates to protect against such actions.
OurS/MIME (Secure/Multipurpose internet Mail Extensions) certificatescan be used by organizations to encrypt email communications internally among colleagues and externally with clients and partners. Their use prevents debilitating cyber attacks including email tampering, phishing, pharming, CEO Identity fraud, corporate impersonation, and leaks of sensitive data.
OurClientAuthcertificates shield sensitive data and digital assets from malicious actors by ensuring that only verified individuals or organizations are granted access.
SSL.com, is a Certificate Authority, providing a vital role in internet security. Our products and solutions were developed under the guidance of the Certificate Authority/Browser Forum and Cloud Signature Alliance to meet the changing needs of our customers, partners, and international communities. In addition to creating encryption solutionsSSL.comis a Digital Trust organization focused on creating a chain of trust for document digital signing, code signing, web security and encrypted email.
Ask aboutSSL.comcomplete product suite, contactsales@ssl.com or call toll free
877-775-7328:
OV & IV Code Signing Key Storage Requirements are Changing
Effective November 1, 2022 OV & IV Code Signing Certificates will be issued onYubicoUSB Tokens or available via the SSL.com eSigner cloud signing service.
Additional information on this change can be found on the CA/Browser Forum website.
Learn more about theSSL.comeSigner solution:https://www.ssl.com/esigner/
Organizational Unit Field for SSL/TLS Certificates is Being Deprecated
August 1, 2022,SSL.comdiscontinued the use of the Organizational Unit field. This is in response to new guidelines ratified by the CA/Browser Forum. Learn more about this announcement: https://www.ssl.com/article/organizational-unit-ou-field-to-be-deprecated-by-ssl-com/
We’d love your feedback
Take our survey and let us know your thoughts on your recent purchase.
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
This website uses Google Analytics & Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping these cookies enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!
Show details
Name
Provider
Purpose
Expiration
Google Analytics
Google
Collect anonymous information such as the number of visitors to the site, and the most popular pages.
365 days
StatCounter Analytics
StatCounter
Collect anonymous information such as the number of visitors to the site, and the most popular pages.