CyberSecurityBoard
Sponsor Register Login

SSL/TLS Certificates Validity To Be Reduced From 398 Days to 47 Days

Preparing for Quantum Computing: With quantum computing posing future threats to cryptographic security, shorter certificate lifespans promote crypto agility, enabling quicker adoption of stronger algorithms and compliance with evolving standards. Tim Callan, Chief Compliance Officer at Sectigo and Vice Chair of the CA/Browser Forum highlighted the operational challenges posed by shorter certificate lifespans but underscored their importance in preparing for quantum-era threats. As the industry moves toward shorter certificate lifespans, this change represents not just a technical adjustment but a fundamental shift in how digital trust is managed, ensuring stronger security for an increasingly interconnected world. Encouraging Automation: Frequent renewals necessitate automated certificate lifecycle management solutions, reducing reliance on manual processes that are prone to errors and delays. Sectigo CEO Kevin Weiss hailed the decision as a “pivotal advancement” for internet security while emphasizing the need for automation in managing frequent renewals. The measure, initially proposed by Apple and endorsed by Sectigo, will be implemented in phases over the next four years, marking a significant shift in digital certificate management practices. Enhanced Security: Shorter lifespans limit the exposure of private keys to potential threats, reducing risks such as man-in-the-middle attacks and data breaches.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 14 Apr 2025 16:15:22 +0000


Cyber News related to SSL/TLS Certificates Validity To Be Reduced From 398 Days to 47 Days

Adding OpenSSL Generated Certificates to Your Server: A Comprehensive Guide - Utilizing SSL/TLS certificates to encrypt data transferred between your server and clients is one of the fundamental components of server security. The process of adding OpenSSL-generated certificates to your server will be covered in detail in this ...
1 year ago Feeds.dzone.com
SSL/TLS certificate lifespans reduced to 47 days by 2029 - The CA/Browser Forum is a group of certificate authorities (CAs) and software vendors, including browser developers, working together to establish and maintain security standards for digital certificates used in Internet communications. Currently, ...
1 day ago Bleepingcomputer.com
Why is my SSL expiring every 3 months? - Digital certificates, used with the protocol 'TLS' establish secure connections between your web server and the browsers visitors use to view your site. If a user gets a message saying their site's certificate has expired, they may feel it's not ...
1 year ago Securityboulevard.com
The role of certificate lifecycle automation in enterprise environments - Learn about PKI automation and its role in managing the growing complexity of digital identities and certificates. Digital certificates form a strong foundation for our modern digital landscape and at the root of these certificates: PKI. Public key ...
1 year ago Securityboulevard.com
Customer compliance and security during the post-quantum cryptographic migration | AWS Security Blog - For example, using the s2n-tls client built with AWS-LC (which supports the quantum-resistant KEMs), you could try connecting to a Secrets Manager endpoint by using a post-quantum TLS policy (for example, PQ-TLS-1-2-2023-12-15) and observe the PQ ...
6 months ago Aws.amazon.com
CVE-2022-49094 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago
Strengthening Cybersecurity: The Role of Digital Certificates and PKI in Authentication - Data protection remains integral in our wide digital world. This has been possible because of the increasing awareness amidst enterprises, small and large, across industries on the paramount need for the protection of sensitive data, securing digital ...
1 year ago Feeds.dzone.com
New NCCoE Guide Helps Major Industries Observe Incoming Data While Using Latest Internet Security Protocol - PRESS RELEASE. Companies in major industries such as finance and health care must follow best practices for monitoring incoming data for cyberattacks. The latest internet security protocol, known as TLS 1.3, provides state-of-the-art protection, but ...
1 year ago Darkreading.com
Beware of Expired or Compromised Code Signing Certificates - One of the vital security measures taken in this direction is the use of code signing certificates to prove software authenticity, integrity and security. Code signing certificates, used for digitally signing applications and software, are an ...
1 year ago Securityboulevard.com
SSL/TLS Certificates Validity To Be Reduced From 398 Days to 47 Days - Preparing for Quantum Computing: With quantum computing posing future threats to cryptographic security, shorter certificate lifespans promote crypto agility, enabling quicker adoption of stronger algorithms and compliance with evolving standards. ...
1 day ago Cybersecuritynews.com
CVE-2019-12677 - A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition that prevents the creation of new ...
1 year ago
Google Online Security Blog: Sustaining Digital Certificate Security - The Chrome Security Team prioritizes the security and privacy of Chrome's users, and we are unwilling to compromise on these values. The Chrome Root Program Policy states that CA certificates included in the Chrome Root Store must provide value to ...
9 months ago Security.googleblog.com
CVE-2024-28836 - An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a ...
1 year ago Tenable.com
Why are IT professionals not automating? - These concerns are no different when it comes to certificate automation. Digital certificates are the fundamental building blocks of cybersecurity infrastructure. The number of certificates we use and the way we use them has grown exponentially. Over ...
1 year ago Helpnetsecurity.com
GitHub says hackers cloned code-signing certificates in breached repository - GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom. Code-signing certificates place a cryptographic stamp on code to ...
2 years ago Packetstormsecurity.com
CVE-2020-3196 - A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust ...
1 year ago
The Challenges and Solutions of Transport Layer Security - Transport Layer Security (TLS) is the modern version of the now-outdated Secure Socket Layer (SSL) protocol. It is located between the application protocol layer and the TCP/IP layer, where it can secure and send application data to the transport ...
2 years ago Trendmicro.com
JetBrains fingers Rapid7 for customer ransomware attacks The Register - Last week, we wrote about how security outfit Rapid7 threw JetBrains, the company behind the popular CI/CD platform TeamCity, under the bus over allegations of silent patching. The software developer published its side of the story at the time, but ...
1 year ago Go.theregister.com
CVE-2021-34783 - A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, ...
1 year ago
GitHub Security Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom - GitHub revealed on Monday that unknown hackers managed to steal encrypted code signing certificates related to some versions of GitHub Desktop for Mac and Atom apps. As a precaution, the company is revoking the exposed certificates. Versions 1.63.0 ...
2 years ago Thehackernews.com
Hackers Stole GitHub Desktop and Atom Code-Signing Certificates - Monday, GitHub announced that unidentified threat actors were able to exfiltrate encrypted code signing certificates for certain versions of the GitHub Desktop for Mac and Atom applications. The company is taking the precautionary action of canceling ...
2 years ago Heimdalsecurity.com
Microsoft Trust Signing service abused to code-sign malware - Recently, cybersecurity researchers have seen threat actors utilizing the Microsoft Trusted Signing service to sign their malware with short-lived, three-day code-signing certificates. A cybersecurity researcher and developer known as 'Squiblydoo,' ...
3 weeks ago Bleepingcomputer.com
CVE-2021-1402 - A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) ...
2 years ago
CVE-2023-20177 - A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote ...
1 year ago
The Last Mile of Encrypting the Web: 2023 Year in Review - At the start of 2023, we sunsetted the HTTPS Everywhere web extension. It encrypted browser communications with websites and made sure users benefited from the protection of HTTPS wherever possible. HTTPS Everywhere ended because all major browsers ...
1 year ago Eff.org

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)