Attackers are using CT logs to identify brand new WordPress sites and install malware before upcoming security measures are in place.  This attack is novel in how it exploits Certificate Transparency information to identify likely targets.  In this episode we explain what is happening and why it's noteworthy.

Root Causes 223: CT Log-Enabled Attacks on WordPress Sites

It's a bloodbath on Bugzilla. Since March 9, more than 25 new Bugzilla bugs been written up, which is 10x the typical pace. And it's not over. In this episode we explain what is going on and why.

Root Causes 372: Bugzilla Bloodbath

A massive name space attack has hijacked more than 21,000 domains and subdomains, including a who's who list of major global brands. This huge and innovative attack takes advantage of inherited trust in abandoned domains.  We explain what is happening.

Root Causes 373: Massive Brand Hijack Subverts More Than 21,000 Domains and Subdomains

NIST Cyber Security Framework version 2.0 is released. It includes guidance on identity management and authentication. In this first episode of a series, we describe this framework's basic structure and its effect on industry.

Root Causes 374: NIST Cyber Security Framework 2 Released

In this guest episode we discuss name space hygiene with Geir Rasmussen, founder of NodeZro. CNAMEs, SPF, DMARC, name server entries, and other DNS identifiers, left unattended, can expose companies to identity-based attacks. We lay out the steps in addressing name space cleanup.

Root Causes 375: What Is Name Space Lifecycle Management?

Gartner has released a new framework for Certificate Lifecycle Management, called the Seven Core Functions of Certificate Automation. We walk through this framework and answer how it fits in with our own Five Pillars of CLM.

Root Causes 376: Gartner's New CLM Framework

If you issue public certificates that are fully compliant except that they do not reflect what your CPS says, are they misissued? Do they require revocation? This is a question with real stakes as we see multiple current instances of a CA denying revocation for that reason. In this episode we explore this issue.

Root Causes 377: Is CPS/Issuance Misalignment a Revocation Event?

In the latest in our ongoing series of discussions of the Bugzilla Bloodbath, we delve deep into the problem of failure to revoke on time and the multiple causes that lead to this ongoing failure. And what to do about them.

Root Causes 378: Why Are Forced Revocations So Difficult?

On August 13, 2024, NIST released its first three standards for PQC algorithms, ML-KEM, ML-DSA, and SLH-DSA.  We tell you where to find them and talk about what happens next.

Root Causes 413: NIST Releases Standards for First Three PQC Algorithms

In this episode we detail the mandatory revocation periods for leaf certificates and intermediates and explain when a 24-hour versus a 120-hour revocation deadline applies.

Root Causes 414: What Are the Revocation Periods for Public Certificates?

NIST recently released PQC algorithmic standards in FIPS-203, FIPS-204, and FIPS-205 (ML-KEM, ML-DSA, and SLH-DSA). We describe what is necessary for enterprises to begin using these algorithms.

Root Causes 415: What Can I Do with These New FIPS PQC Standards?

Digital certificate industry veterans Tim Callan and Jason Soroko explore the issues surrounding digital identity, PKI, and cryptographic connections in today's dynamic and evolving computing world. Best practices in digital certificates are continually under pressure from technology trends, new laws and regulations, cryptographic advances, and the evolution of our computing architectures to be more virtual, agile, ubiquitous, and cloud-based. Jason and Tim (and the occasional guest subject matter expert) will help you stay current on developments in this essential technology platform and to understand the whys and wherefores of popular Public Key Infrastructures.

Root Causes 223: CT Log-Enabled Attacks on WordPress Sites

Tim Callan

Related tracks