1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)
Loading...

PCI DSS 4.0 Compliance: Everything to Know About New Compliance Checklist

Introduction Possibly one of the most important things that have not changed at all is that, regardless of the constant growth of new technologies and new payment solutions, the issue of security remains extremely important. The standard with which organizations have been comparing their payment card data security programs for…
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)
Loading...

NIST Publishes New Zero Trust Implementation Guidance: 19 Ways to Build ZTA (SP 1800-35)

If you’re still relying on a perimeter firewall to protect your network… you’re already behind. The way we work has changed. Remote teams, cloud apps, and mobile devices they’ve all shattered the traditional idea of a secure network boundary. That’s where Zero Trust Architecture (ZTA) comes in. And NIST just…
1 Star2 Stars3 Stars4 Stars5 Stars (4 votes, average: 5.00 out of 5)
Loading...

What Is TLS/SSL Port? Difference Between SSL Certificate Port vs HTTPS Port

What Is a TLS/SSL Port? A TLS/SSL port is a portion of the network used for the creation of secure connections on the Internet using the Transport Layer Security or Secure Socket Layer. Such protocols are used for encryption and authentication so that data being exchanged between a client, like…
1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)
Loading...

Critical Vulnerabilities Fixed in Trend Micro’s Apex Central and PolicyServer

If you’re using Trend Micro Apex Central or Endpoint Encryption PolicyServer, here’s some urgent news. Hackers could take full control of your system, no login required. On June 10th, Trend Micro released urgent patches for ten security flaws, including six unauthenticated remote code execution (RCE) vulnerabilities rated critical with CVSS…
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)
Loading...

What is a Common Name (CN) in an SSL Certificate?

The Common Name (CN) in an SSL/TLS certificate is a field that identifies the main domain name that this certificate belongs to. It is used mainly as the primary means for verifying the identity of the domain while conducting safe communication over the World Wide Web. Originally, the CN field…
1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)
Loading...

Google Chrome to Distrust Chunghwa Telecom and Netlock Certificates from August 2025

Google Chrome announced that it would distrust new TLS/SSL certificates from two certificate authorities (CAs): Chunghwa Telecom and Netlock, effective August 1, 2025, with the release of Chrome version 139. Apart from releasing new TLS/SSL standards, the Chrome announcement represents another significant step in Google’s campaign to demand accountability for…
1 Star2 Stars3 Stars4 Stars5 Stars (4 votes, average: 5.00 out of 5)
Loading...

What is Ransomware-as-a-Service (RaaS)?

What is Ransomware-as-a-Service (RaaS)? Ransomware-as-a-Service is a model for cybercrime in which ransomware creators sell or license their software for use by accomplices, who usually launch ransomware attacks. Even with very little or no technical know-how, individuals can hence become active participants in a highly sophisticated ransomware attack. RaaS runs…
1 Star2 Stars3 Stars4 Stars5 Stars (4 votes, average: 5.00 out of 5)
Loading...

What is a Wildcard SAN Certificate and How Does It Work?

What is Wildcard SSL? A Wildcard SSL certificate is a special type of SSL certificate designed to secure a single domain and all of its subdomains. Unlike regular SSL certificates that only secure one domain, a Wildcard SSL certificate uses a wildcard character (an asterisk, *) in the domain name…
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)
Loading...

Sectigo and DigiCert to Remove Client Authentication EKU from Public SSL/TLS Certificates

In response to evolving browser policies and heightened security requirements, Sectigo and DigiCert both announced they will remove the Client Authentication Extended Key Usage (EKU) from public SSL/TLS certificates. It is part of a broader initiative to support Google Chrome’s Root Program and CA/Browser Forum best practices. It directs public…
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)
Loading...

Let’s Encrypt Drops SSL Certificates Expiry Emails: Are You Prepared?

If you run a website, especially one secured with a Free SSL Certificate, chances you are using Let’s Encrypt. They’re the game changers who made SSL certificates free and easy for everyone. However, as of June 4, 2025, a small change is coming that might catch some people off guard…
1 Star2 Stars3 Stars4 Stars5 Stars (4 votes, average: 5.00 out of 5)
Loading...

Post-Quantum Cryptography Is Coming to Windows & Linux: What You Need to Know 

Welcome to the Quantum Era, where even the strongest locks we use to protect our digital lives might soon be breakable. However, don’t panic; Microsoft is already preparing for that future, and it has just rolled out a groundbreaking update for Windows Insiders and Linux users that could change the…
1 Star2 Stars3 Stars4 Stars5 Stars (4 votes, average: 5.00 out of 5)
Loading...

CVE-2025-47539: Critical Eventin WordPress Plugin Vulnerability Puts 10,000+ Sites at Risk 

A severe zero-day vulnerability has been found in the widely used Eventin WordPress plugin (Themewinter), which puts over 10,000 websites at extreme risk for complete takeover. CVE-2025-47539 is the identifier for the flaw, which permits unauthenticated privilege escalation, allowing users to create user accounts at the Administrator level without having…
1 Star2 Stars3 Stars4 Stars5 Stars (4 votes, average: 5.00 out of 5)
Loading...

SSH Key Reuse Unmasks Major Phishing Campaign in Kuwait

About the Incidence What began as a handful of phishing attacks by early 2025 became a large, organised attack aimed at the fisheries, telecommunications, and insurance sectors in Kuwait. Security Researchers at Hunt.io have found evidence of a large phishing campaign that used over 230 different malicious websites to try…
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)
Loading...

TACACS+ Authentication Bypass Flaw Exposes Devices to Full Compromise 

Cybersecurity experts are concerned about a high-impact vulnerability in Fortinet’s FortiOS, FortiProxy, and FortiSwitchManager, designated as CVE-2025-22252. The vulnerability could allow the attacker to circumvent authentication and gain privileges as an administrator on enterprise networks that deploy Fortinet security appliances.   What is CVE-2025-22252?  CVE-2025-22252 is an authentication for critical function…
1 Star2 Stars3 Stars4 Stars5 Stars (4 votes, average: 5.00 out of 5)
Loading...

LockBit Ransomware Gang Breached — Secrets Spilled in Major Takedown

An Incidence The hunter becomes the hunted. LockBit, once the most dominant ransomware-as-a-service (RaaS) syndicate on the dark web, has been shattered from within. In a dramatic twist, the criminal enterprise infamous for extorting hundreds of millions from global victims has now suffered a severe breach of its infrastructure, exposing…