Tag Archives: weak keys

512-bit Certificates Abused in the Wild

November 28, 2011 by Bruce Morton     No Comments

Late last month, we were advised that some malware used in a spear-phishing attack was signed using 512-bit RSA Web server certificates. In a recent blog post from FOX-IT, it was confirmed that the abused certificates were issued by more than one CA to more than one subscriber and it was concluded that the certificate [Read More...]

Filed Under: Secure Browsing, SSL Tagged With: EKU, SSL, weak keys

Entrust Bulletin on Certificates Issued with Weak 512-bit RSA Keys by Digicert Malaysia

November 3, 2011 by Entrust, Inc.     No Comments

It has been discovered that Digicert Malaysia has issued certificates with weak 512-bit RSA keys and missing certificate extensions. Their certificate issuing practices violated their agreement, their CPS, and accepted CA standards. Read more at: http://www.entrust.net/advisories/malaysia.htm

Filed Under: General Tagged With: SSL, weak keys