#sectigo — Public Fediverse posts

#Sectigo maliciously revoked #RustDesk 's code signing certificate because #VirusTotal says two engines are marking it as malware. Sectigo only give them 24 hours to resolve the issue, but most antivirus companies needs few days to resolve the false positives.

Now, all of the false positives are resolved, but Sectigo still no response for this incident for a week.

https://x.com/rustdesk/status/1998235183385026578

https://github.com/rustdesk/rustdesk/discussions/1375

https://www.virustotal.com/gui/file/4a3185b9282dbc85070dea4857de49003a709531e71c6e1207290d23da793067

🛡️ Sectigo’s Tim Callan warns:
- Harvest-now-decrypt-later attacks
- Trust-now-forge-later attacks
👉 PQC migration won’t be “flip the switch” — 98% of orgs expect big hurdles.

Full interview: https://www.technadu.com/quantum-era-threats-harvest-now-decrypt-later-and-trust-now-forge-later-attacks-challenge-digital-trust/606844/

#PQC #CyberSecurity #Sectigo #PostQuantum

🛡️ Sectigo’s Tim Callan warns:
- Harvest-now-decrypt-later attacks
- Trust-now-forge-later attacks
👉 PQC migration won’t be “flip the switch” — 98% of orgs expect big hurdles.

Full interview: https://www.technadu.com/quantum-era-threats-harvest-now-decrypt-later-and-trust-now-forge-later-attacks-challenge-digital-trust/606844/

#PQC #CyberSecurity #Sectigo #PostQuantum

#Sectigo wirft @geant in marketing mails eine unfaire Darstellung der Situation vor, die zur einseitigen und vorzeitigen Kündigung der Verträge seitens Sectigo geführt hatte. Sie führen einerseits finanzielle Gründe auf, was sicher auch stimmen kann, behaubten aber in einem verlinkten PDF später folgendes:

"Our decision to step away from GÉANT was guided by our responsibility to remain in full compliance with the CA/Browser Forum Baseline Requirements, as well as the
root program policies established by major browser and operating system vendors, [...]"

Spannende Formulierung. #GÉANT hätte also, laut Sectigos Darstellung hier, mit ihrer fortlaufenden Nutzung der Sectigo Dienstleistungen gegen CA Richtlinien verstoßen? Oder Sectigo dazu genötigt, das zu tun? Da wäre ich wirklich mal an den Details interessiert. Anyone?

#Sectigo wirft #GÉANT in marketing mails eine unfaire Darstellung der Situation vor, die zur einseitigen und vorzeitigen Kündigung der Verträge geführt hatte. Sie führen einerseits finanzielle Gründe auf, was sicher auch stimmen kann, behaubten aber in einem verlinkten PDF später folgendes:

"Our decision to step away from GÉANT was guided by our responsibility to remain in full compliance with the CA/Browser Forum Baseline Requirements, as well as the
root program policies established by major browser and operating system vendors, [...]"

Spannende Formulierung. GÉANT hätte also, laut Sectigos Darstellung hier, mit ihrer fortlaufenden Nutzung der Sectigo Dienstleistungen gegen CA Richtlinien verstoßen? Oder Sectigo dazu genötigt, das zu tun? Da wäre ich wirklich mal an den Details interessiert. Anyone?

#Sectigo wirft @geant in marketing mails eine unfaire Darstellung der Situation vor, die zur einseitigen und vorzeitigen Kündigung der Verträge seitens Sectigo geführt hatte. Sie führen einerseits finanzielle Gründe auf, was sicher auch stimmen kann, behaubten aber in einem verlinkten PDF später folgendes:

"Our decision to step away from GÉANT was guided by our responsibility to remain in full compliance with the CA/Browser Forum Baseline Requirements, as well as the
root program policies established by major browser and operating system vendors, [...]"

Spannende Formulierung. #GÉANT hätte also, laut Sectigos Darstellung hier, mit ihrer fortlaufenden Nutzung der Sectigo Dienstleistungen gegen CA Richtlinien verstoßen? Oder Sectigo dazu genötigt, das zu tun? Da wäre ich wirklich mal an den Details interessiert. Anyone?

#Sectigo wirft #GÉANT in marketing mails eine unfaire Darstellung der Situation vor, die zur einseitigen und vorzeitigen Kündigung der Verträge geführt hatte. Sie führen einerseits finanzielle Gründe auf, was sicher auch stimmen kann, behaubten aber in einem verlinkten PDF später folgendes:

"Our decision to step away from GÉANT was guided by our responsibility to remain in full compliance with the CA/Browser Forum Baseline Requirements, as well as the
root program policies established by major browser and operating system vendors, [...]"

Spannende Formulierung. GÉANT hätte also, laut Sectigos Darstellung hier, mit ihrer fortlaufenden Nutzung der Sectigo Dienstleistungen gegen CA Richtlinien verstoßen? Oder Sectigo dazu genötigt, das zu tun? Da wäre ich wirklich mal an den Details interessiert. Anyone?

#Sectigo wirft #GÉANT in marketing mails eine unfaire Darstellung der Situation vor, die zur einseitigen und vorzeitigen Kündigung der Verträge geführt hatte. Sie führen einerseits finanzielle Gründe auf, was sicher auch stimmen kann, behaubten aber in einem verlinkten PDF später folgendes:

"Our decision to step away from GÉANT was guided by our responsibility to remain in full compliance with the CA/Browser Forum Baseline Requirements, as well as the
root program policies established by major browser and operating system vendors, [...]"

Spannende Formulierung. GÉANT hätte also, laut Sectigos Darstellung hier, mit ihrer fortlaufenden Nutzung der Sectigo Dienstleistungen gegen CA Richtlinien verstoßen? Oder Sectigo dazu genötigt, das zu tun? Da wäre ich wirklich mal an den Details interessiert. Anyone?

What happens when penetration testing goes virtual and gets an AI coach https://www.helpnetsecurity.com/2025/08/19/digital-twins-cybersecurity-training/ #Artificialintelligence #penetrationtesting #skilldevelopment #Don'tmiss #framework #Features #Hotstuff #research #training #Sectigo #News

What happens when penetration testing goes virtual and gets an AI coach https://www.helpnetsecurity.com/2025/08/19/digital-twins-cybersecurity-training/ #Artificialintelligence #penetrationtesting #skilldevelopment #Don'tmiss #framework #Features #Hotstuff #research #training #Sectigo #News

What happens when penetration testing goes virtual and gets an AI coach https://www.helpnetsecurity.com/2025/08/19/digital-twins-cybersecurity-training/ #Artificialintelligence #penetrationtesting #skilldevelopment #Don'tmiss #framework #Features #Hotstuff #research #training #Sectigo #News

What happens when penetration testing goes virtual and gets an AI coach https://www.helpnetsecurity.com/2025/08/19/digital-twins-cybersecurity-training/ #Artificialintelligence #penetrationtesting #skilldevelopment #Don'tmiss #framework #Features #Hotstuff #research #training #Sectigo #News

Let's #Encrypt rolls out free IP address #certificates • The Register

Let's Encrypt, a #CertificateAuthority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.

It's not the first CA to do so. #PositiveSSL , #Sectigo, and #GeoTrust all offer TLS/SSL certificates for use with IP addresses, at prices ranging from $40 to $90 or so annually. But Let's Encrypt does so at no cost.
#security #tls #ssl #privacy

https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/

Let's #Encrypt rolls out free IP address #certificates • The Register

Let's Encrypt, a #CertificateAuthority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.

It's not the first CA to do so. #PositiveSSL , #Sectigo, and #GeoTrust all offer TLS/SSL certificates for use with IP addresses, at prices ranging from $40 to $90 or so annually. But Let's Encrypt does so at no cost.
#security #tls #ssl #privacy

https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/

Let's #Encrypt rolls out free IP address #certificates • The Register

Let's Encrypt, a #CertificateAuthority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.

It's not the first CA to do so. #PositiveSSL , #Sectigo, and #GeoTrust all offer TLS/SSL certificates for use with IP addresses, at prices ranging from $40 to $90 or so annually. But Let's Encrypt does so at no cost.
#security #tls #ssl #privacy

https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/

Let's #Encrypt rolls out free IP address #certificates • The Register

Let's Encrypt, a #CertificateAuthority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.

It's not the first CA to do so. #PositiveSSL , #Sectigo, and #GeoTrust all offer TLS/SSL certificates for use with IP addresses, at prices ranging from $40 to $90 or so annually. But Let's Encrypt does so at no cost.
#security #tls #ssl #privacy

https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/

Let's #Encrypt rolls out free IP address #certificates • The Register

Let's Encrypt, a #CertificateAuthority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.

It's not the first CA to do so. #PositiveSSL , #Sectigo, and #GeoTrust all offer TLS/SSL certificates for use with IP addresses, at prices ranging from $40 to $90 or so annually. But Let's Encrypt does so at no cost.
#security #tls #ssl #privacy

https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/

Let's Encrypt, a #certificate authority (CA) known for its free #TLS/SSL certificates, has begun issuing digital certificates for #IP addresses.
It's not the first #CA to do so. #PositiveSSL, #Sectigo, and #GeoTrust all offer TLS/SSL certificates for use with IP addresses, at prices ranging from $40 to $90 or so annually. But Let's Encrypt does so at no cost.
https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/

Let's Encrypt, a #certificate authority (CA) known for its free #TLS/SSL certificates, has begun issuing digital certificates for #IP addresses.
It's not the first #CA to do so. #PositiveSSL, #Sectigo, and #GeoTrust all offer TLS/SSL certificates for use with IP addresses, at prices ranging from $40 to $90 or so annually. But Let's Encrypt does so at no cost.
https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/

Let's Encrypt, a #certificate authority (CA) known for its free #TLS/SSL certificates, has begun issuing digital certificates for #IP addresses.
It's not the first #CA to do so. #PositiveSSL, #Sectigo, and #GeoTrust all offer TLS/SSL certificates for use with IP addresses, at prices ranging from $40 to $90 or so annually. But Let's Encrypt does so at no cost.
https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/

Let's Encrypt, a #certificate authority (CA) known for its free #TLS/SSL certificates, has begun issuing digital certificates for #IP addresses.
It's not the first #CA to do so. #PositiveSSL, #Sectigo, and #GeoTrust all offer TLS/SSL certificates for use with IP addresses, at prices ranging from $40 to $90 or so annually. But Let's Encrypt does so at no cost.
https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/

Let's Encrypt, a #certificate authority (CA) known for its free #TLS/SSL certificates, has begun issuing digital certificates for #IP addresses.
It's not the first #CA to do so. #PositiveSSL, #Sectigo, and #GeoTrust all offer TLS/SSL certificates for use with IP addresses, at prices ranging from $40 to $90 or so annually. But Let's Encrypt does so at no cost.
https://www.theregister.com/2025/07/03/lets_encrypt_rolls_out_free/

Why shorter SSL/TLS certificate lifespans matter https://www.helpnetsecurity.com/2025/04/15/certificate-shorter-lifespans/ #Expertanalysis #cybersecurity #Expertcorner #certificates #Don'tmiss #Hotstuff #opinion #Sectigo #SSL/TLS #News

Why shorter SSL/TLS certificate lifespans matter https://www.helpnetsecurity.com/2025/04/15/certificate-shorter-lifespans/ #Expertanalysis #cybersecurity #Expertcorner #certificates #Don'tmiss #Hotstuff #opinion #Sectigo #SSL/TLS #News

Why shorter SSL/TLS certificate lifespans matter https://www.helpnetsecurity.com/2025/04/15/certificate-shorter-lifespans/ #Expertanalysis #cybersecurity #Expertcorner #certificates #Don'tmiss #Hotstuff #opinion #Sectigo #SSL/TLS #News

Why shorter SSL/TLS certificate lifespans matter https://www.helpnetsecurity.com/2025/04/15/certificate-shorter-lifespans/ #Expertanalysis #cybersecurity #Expertcorner #certificates #Don'tmiss #Hotstuff #opinion #Sectigo #SSL/TLS #News

After Google stops trusting #TLS certificates from #Entrust they finally sell their public certificate business to #Sectigo

https://www.entrust.com/company/newsroom/entrust-sells-public-certificate-business-to-sectigo

After Google stops trusting #TLS certificates from #Entrust they finally sell their public certificate business to #Sectigo

https://www.entrust.com/company/newsroom/entrust-sells-public-certificate-business-to-sectigo

After Google stops trusting #TLS certificates from #Entrust they finally sell their public certificate business to #Sectigo

https://www.entrust.com/company/newsroom/entrust-sells-public-certificate-business-to-sectigo

After Google stops trusting #TLS certificates from #Entrust they finally sell their public certificate business to #Sectigo

https://www.entrust.com/company/newsroom/entrust-sells-public-certificate-business-to-sectigo

After Google stops trusting #TLS certificates from #Entrust they finally sell their public certificate business to #Sectigo

https://www.entrust.com/company/newsroom/entrust-sells-public-certificate-business-to-sectigo

So, issuing a #Sectigo Business #SSL certificate via #IONOS requires you to lie about your country of residence because the order form has a mandatory "German Bundesland" field no matter which country you select. I'm sure that's fine. 🤷‍♂️

So, issuing a #Sectigo Business #SSL certificate via #IONOS requires you to lie about your country of residence because the order form has a mandatory "German Bundesland" field no matter which country you select. I'm sure that's fine. 🤷‍♂️

So, issuing a #Sectigo Business #SSL certificate via #IONOS requires you to lie about your country of residence because the order form has a mandatory "German Bundesland" field no matter which country you select. I'm sure that's fine. 🤷‍♂️

So, issuing a #Sectigo Business #SSL certificate via #IONOS requires you to lie about your country of residence because the order form has a mandatory "German Bundesland" field no matter which country you select. I'm sure that's fine. 🤷‍♂️

So, issuing a #Sectigo Business #SSL certificate via #IONOS requires you to lie about your country of residence because the order form has a mandatory "German Bundesland" field no matter which country you select. I'm sure that's fine. 🤷‍♂️

CISA orders federal agencies to secure their Microsoft cloud environments https://www.helpnetsecurity.com/2024/12/19/cisa-bod-25-01-directive-secure-microsoft-cloud-environments/ #cloudsecurity #Microsoft365 #government #Don'tmiss #Hotstuff #Sectigo #News #CISA

CISA orders federal agencies to secure their Microsoft cloud environments https://www.helpnetsecurity.com/2024/12/19/cisa-bod-25-01-directive-secure-microsoft-cloud-environments/ #cloudsecurity #Microsoft365 #government #Don'tmiss #Hotstuff #Sectigo #News #CISA

CISA orders federal agencies to secure their Microsoft cloud environments https://www.helpnetsecurity.com/2024/12/19/cisa-bod-25-01-directive-secure-microsoft-cloud-environments/ #cloudsecurity #Microsoft365 #government #Don'tmiss #Hotstuff #Sectigo #News #CISA

CISA orders federal agencies to secure their Microsoft cloud environments https://www.helpnetsecurity.com/2024/12/19/cisa-bod-25-01-directive-secure-microsoft-cloud-environments/ #cloudsecurity #Microsoft365 #government #Don'tmiss #Hotstuff #Sectigo #News #CISA

@geant what a mess with #sectigo certificates

How could a european research institute like #geant ever even think about signing a contract with a non EU provider?

@geant what a mess with #sectigo certificates

How could a european research institute like #geant ever even think about signing a contract with a non EU provider?

@geant what a mess with #sectigo certificates

How could a european research institute like #geant ever even think about signing a contract with a non EU provider?

@geant what a mess with #sectigo certificates

How could a european research institute like #geant ever even think about signing a contract with a non EU provider?

Aus gegebenem Anlass:

Das könnte für einige von euch eine gewisse Relevanz aufweisen: solltet ihr GÉANT-Zertifikate für für euch wichtige Dienste nutzen, solltet Ihr die unbedingt jetzt noch einmal erneuern, um mehr Spielraum zu haben. Es ist nämlich im Moment davon auszugehen, dass #Sectigo ab dem 10. Januar keine mehr ausstellen wird. Die #DFN-PKI Global ist aber nicht mehr und wird auch nicht wiederkommen.

https://doku.tid.dfn.de/de:dfnpki:tcsfaq:aktuellesituation

Aus gegebenem Anlass:

Das könnte für einige von euch eine gewisse Relevanz aufweisen: solltet ihr GÉANT-Zertifikate für für euch wichtige Dienste nutzen, solltet Ihr die unbedingt jetzt noch einmal erneuern, um mehr Spielraum zu haben. Es ist nämlich im Moment davon auszugehen, dass #Sectigo ab dem 10. Januar keine mehr ausstellen wird. Die #DFN-PKI Global ist aber nicht mehr und wird auch nicht wiederkommen.

https://doku.tid.dfn.de/de:dfnpki:tcsfaq:aktuellesituation

Aus gegebenem Anlass:

Das könnte für einige von euch eine gewisse Relevanz aufweisen: solltet ihr GÉANT-Zertifikate für für euch wichtige Dienste nutzen, solltet Ihr die unbedingt jetzt noch einmal erneuern, um mehr Spielraum zu haben. Es ist nämlich im Moment davon auszugehen, dass #Sectigo ab dem 10. Januar keine mehr ausstellen wird. Die #DFN-PKI Global ist aber nicht mehr und wird auch nicht wiederkommen.

https://doku.tid.dfn.de/de:dfnpki:tcsfaq:aktuellesituation

Aus gegebenem Anlass:

Das könnte für einige von euch eine gewisse Relevanz aufweisen: solltet ihr GÉANT-Zertifikate für für euch wichtige Dienste nutzen, solltet Ihr die unbedingt jetzt noch einmal erneuern, um mehr Spielraum zu haben. Es ist nämlich im Moment davon auszugehen, dass #Sectigo ab dem 10. Januar keine mehr ausstellen wird. Die #DFN-PKI Global ist aber nicht mehr und wird auch nicht wiederkommen.

https://doku.tid.dfn.de/de:dfnpki:tcsfaq:aktuellesituation

Aus gegebenem Anlass:

Das könnte für einige von euch eine gewisse Relevanz aufweisen: solltet ihr GÉANT-Zertifikate für für euch wichtige Dienste nutzen, solltet Ihr die unbedingt jetzt noch einmal erneuern, um mehr Spielraum zu haben. Es ist nämlich im Moment davon auszugehen, dass #Sectigo ab dem 10. Januar keine mehr ausstellen wird. Die #DFN-PKI Global ist aber nicht mehr und wird auch nicht wiederkommen.

https://doku.tid.dfn.de/de:dfnpki:tcsfaq:aktuellesituation

WICHTIG:

#Sectigo hat vorzeitig die den Vertrag bezüglich #Geant Zertifikate gekündigt.

#adminlife #dfn #security

https://doku.tid.dfn.de/de:dfnpki:tcsfaq:aktuellesituation