News

Latest news on the subject of B2B cyber security >>> PR agencies: Add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Day: Venafi

Digital certificates with a shortened lifespan
6 December 2024
| No comments
| Stories
Digital certificates with a shortened lifespan

Apple has now joined Google in pushing for a shorter certificate lifespan to improve online security. By putting the issue to a vote among members of the Certification Authority Browser Forum (CA/B Forum), Apple is making it clear that it intends to follow in the footsteps of Google, which will mandate 90-day certificates in the near future. Extending this effort to the entire community could have an even bigger impact than Google's proposed changes to Chrome. By proposing to reduce certificate lifespans to 2027 days by 45…

Read more

authentication codes cracked
13 November 2024
| No comments
| PR News
authentication codes cracked

Researchers in China have demonstrated an approach that successfully targets shorter authentication and encryption codes - but not yet the longer, more secure ones currently in use. The research results increase the threat level for cryptographic systems. Although they used a quantum computer to decrypt an RSA encryption, they only used a 50-bit integer for the RSA encryption. This is only 9,67 x 10^16 possible values. Nevertheless, the results should not be underestimated and unfortunately this news has been somewhat overlooked. It is a wake-up call for all companies that encrypt their data, apart from simple...

Read more

Many companies use AI to generate code
20 October 2024
| No comments
| PR News
Many companies use AI to generate code

A machine identity management vendor is releasing a new research report, "Organizations Struggle to Secure AI-Generated and Open Source Code." The report examines the risks of AI-generated and open source code and the challenges of securing that code amid hyperactive development environments. A survey of 800 security decision makers in the U.S., U.K., Germany, and France found that nearly all (92%) security leaders have concerns about the use of AI-generated code in their organization. Other key findings from the survey include: Tensions between security and developer teams: Eighty-three percent of security leaders say their developers currently…

Read more

NIST standards for quantum security
September 11, 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The publication of the post-quantum standards by the National Institute of Standards and Technology (NIST) marks a critical step forward in securing the digital future. Until now, developers and security teams have been in a wait-and-see position, but with the finalization of these standards, the road to quantum security is now beginning. One of the biggest challenges will be to accurately identify the use of machine identities, such as TLS certificates and code signing certificates. With thousands or even hundreds of thousands of certificates in use, it is essential to update these applications and issue new certificates in accordance with the new standards.

Read more

Secure Boot can be compromised
August 9, 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Researchers from a security company have uncovered that Secure Boot is completely compromised on more than 200 device models from Acer, Dell, Gigabyte, Intel and Supermicro. Secure Boot is a security standard developed by manufacturers in the PC industry to ensure that PCs only boot with software that the PC manufacturers trust. The results were summarized in this report. In December 2022, a developer who works with several US device manufacturers published a platform key on GitHub. This cryptographic key underlies Secure Boot and forms the basis of trust between hardware and firmware. The now-removed GitHub repository…

Read more

Cyber ​​attacks: Olympic Games as a gateway
July 26, 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Are cyber attacks a threat during the 2024 Olympic Games in Paris? This question is not only being asked by those responsible there, but also by all those around the world who still remember the 2018 Winter Games in South Korea and Olympic Destroyer. State-sponsored hackers in particular tend to pursue political goals. They will try to disrupt the games and are not seeking financial gain. They are well-funded, highly qualified and work in secret. Their attacks can be directed against everything from ticket systems to athlete data to critical infrastructure, and can be used for...

Read more

Distorted results due to AI poisining
July 10, 2024
| No comments
| PR News
Distorted results due to AI poisining

Since the release of ChatGPT, cyber security experts have been asking themselves how they should control the falsification of GenAI through poisining. They initially assume a threat scenario, namely that the output of GenAI is already being falsified by data posining. Even when the first chatbots were trained with machine learning and then supposed to provide ready-made answers, there was manipulation. One example is Twitter, now X. As early as 2016, members of the short message service found it funny to feed the then chatbot Tay with racist content. The project was then terminated within a day. Similarly...

Read more

90-day TLS readiness for certificates
30 May 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The inventor of machine identity management has introduced its new 90-day TLS readiness solution for certificates. It helps organizations comply with Google's proposed 90-day TLS certificate standard, improving security posture while reducing the risk of certificate-related disruptions. According to a Venafi study, 83 percent of companies experienced certificate-related outages in the last 12 months and 57 percent of companies had security incidents involving compromised TLS certificates. Shortening the lifespan of certificates will help companies reduce the risk of compromise. 90 day lifespan for certificates “Google’s suggestion in the CA/browser…

Read more

Trends: Cybersecurity and Cloud Native Technology for 2024
12 December 2023
| No comments
| PR News
Trends: Cybersecurity and Cloud Native Technology for 2024

What are the five most important cybersecurity and cloud native technology trends for 2024? Rise of 1000x developers and hackers, AI poisoning attacks and certificate-related failures will pose challenges for the security industry. Venafi, the maker of machine identity management, today released its 2024 cybersecurity and cloud native landscape predictions. AI poses new threats and exacerbates existing risks, the lifespan of machine identities decreases, and the authenticity of codes is subject to stricter scrutiny. As a result, the coming year will be challenging for the security industry. “In 2023, companies will have a wave of…

Read more

Firefly protects machine identities in cloud-native workloads
June 7, 2023
| No comments
| PR News
Firefly protects machine identities in cloud-native workloads

Venafi, the inventor and leader in machine identity management, introduces Firefly. The solution supports highly distributed cloud-native environments. As part of Venafi's machine identity control plan, it enables easy and secure implementation of developer-driven machine identity management requirements for cloud-native workloads. Machine identities such as TLS and SPIFFE are deployed locally and at high speed in any environment. By adding speed, reliability, and security to machine identities in modern environments, organizations can ensure trust in issued certificates and compliance with corporate security policies while streamlining application development.

Read more

© 2025 MedPressIT Selinger
Cookie Settings