in ,

How SSL certificates are leaking sensitive information

SSL certificates mark the first step in a commitment to user safety and security and HTTPS, SMTPS, IMAPS, POP3S have become the standard protocol for web traffic. Given that these certificates carry an ocean of internal information, they might be leaking the sensitive data to potential threat actors, according to new research from Detectify Labs that analysed over 900 million public SSL/TLS certificates. 

Securing your website with an SSL/TLS certificate is no longer optional, even for businesses that don’t have sensitive customer information on the web. While Secure Sockets Layer (SSL) or Transport Layer Security (TLS) certificates are a subset of encrypted communication, they are a key component in terms of user safety and security. Providers like Let’s Encrypt have improved internet security through automated ways to set up HTTPS easily and for free, making encryption easily accessible to smaller scale companies. 

While the information is encrypted when using SSL certificates, the risk of it being exposed continues to be there as companies use descriptive domain names. New research from Detectify Labs investigated over 900 million public SSL/TLS certificates and uncovered the pitfalls that can lead to company data being exposed or compromised by malicious actors. 

This post was created with our nice and easy submission form. Create your post!

What do you think?

Posted by SH

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

The Ultimate Guide to Finding and Escalating XSS Bugs | @Bugcrow

Phishing with Google's Domain