Let’s Encrypt Revoking 3 Million TLS Certificates Issued Incorrectly Due to a Bug

March 4, 2020

The most popular free certificate signing authority Let’s Encrypt is going to revoke more than 3 million TLS certificates within the next 24 hours that may have been issued wrongfully due to a bug in its Certificate Authority software.

The bug, which Let’s Encrypt confirmed on February 29 and fixed two hours after discovery, affected the way it checked domain name ownership before issuing new TLS certificates.

As a result, the bug opened up a scenario where a certificate could be issued even without adequately validating the holder’s control of a domain name.

The Certification Authority Authorization (CAA), an internet security policy, allows domain name holders to indicate to certificate authorities (CAs) whether or not they are authorized to issue digital certificates for a specific domain name.

Let’s Encrypt considers domain validation results good only for 30 days from the time of validation, after which it rechecks the CAA record authorizing that domain before issuing the certificate. The bug — which was uncovered in the code for Boulder, the certificate signing software used by Let’s Encrypt — is as follows:

“When a certificate request contained N domain names that needed CAA rechecking, Boulder would pick one domain name and check it N times.” In other words, when Boulder needed to process, for example, a group of 5 domain names that required CAA rechecking, it would check one domain name 5 times as opposed to checking each of the 5 domain names once.
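
The behaviour quoted above can be modelled in a few lines of Go. This is an added illustration, not Boulder's code: it reproduces only the described effect (N checks, all against one name) beside a per-name recheck, and shows how a request is approved even though one of its names no longer authorizes the CA. The domain names, the CA identifier `ca.example`, the in-memory `caaRecords` table standing in for DNS, and all function names are assumptions made for the example.

```go
package main

import "fmt"

const ourCA = "ca.example" // hypothetical CA identifier
// caaRecords is a constructed stand-in for DNS: name -> CAs its CAA record allows.
var caaRecords = map[string][]string{
	"shop.example": {"ca.example"},
	"blog.example": {"other-ca.example"}, // no longer authorizes ourCA
}

// caaAllows reports whether the CAA record for name permits ourCA to issue.
func caaAllows(name string) bool {
	allowed, ok := caaRecords[name]
	for _, ca := range allowed {
		if ca == ourCA {
			return true
		}
	}
	return !ok // a name with no CAA record permits any CA
}

// recheckBuggy models the quoted behaviour: N checks, all against one name.
func recheckBuggy(names []string) (checked []string, ok bool) {
	ok = true
	for range names {
		checked = append(checked, names[0])
		ok = ok && caaAllows(names[0])
	}
	return checked, ok
}

// recheckFixed checks every name once and returns those that forbid issuance.
func recheckFixed(names []string) (checked, blocked []string) {
	for _, n := range names {
		checked = append(checked, n)
		if !caaAllows(n) {
			blocked = append(blocked, n)
		}
	}
	return checked, blocked
}

func main() {
	names := []string{"shop.example", "blog.example", "www.example"}
	fmt.Println(recheckBuggy(names)) // same name checked three times, approved
	fmt.Println(recheckFixed(names)) // each name checked, blog.example blocks issuance
}
```

The number of checks performed is the same in both versions, so counting CAA lookups per request would not have exposed the problem; only comparing the set of names checked against the set of names requested does.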

The company said the bug was introduced as part of an update back in July 2019.

This means that Let’s Encrypt might have issued certificates that it shouldn’t have in the first place, as a result of which it’s revoking all the TLS certificates that were affected by the bug.

The development comes as the Let’s Encrypt project announced last week that it had issued its one-billionth free TLS certificate since its launch in 2015.

Let’s Encrypt said 2.6 percent of approximately 116 million active certificates are affected — about 3,048,289 — out of which about one million are duplicates of other affected certificates.

Affected website owners have until 8PM UTC (3PM EST) March 4 to manually renew and replace their certificates, failing which visitors to the websites will be greeted with TLS security warnings — as the certificates are revoked — until the renewal process is complete.

It’s worth noting that the certificates issued by Let’s Encrypt are valid for a period of 90 days, and ACME clients such as Certbot are capable of automatically renewing them.

But with Let’s Encrypt revoking all impacted certificates, website admins will have to perform a forced renewal to prevent any interruptions.

Besides using the tool https://checkhost.unboundtest.com/ to check if a certificate needs replacement, Let’s Encrypt has put together a downloadable list of affected serial numbers, allowing subscribers to check if their websites rely on an affected certificate.


Credit: The Hacker News By: noreply@blogger.com (Ravie Lakshmanan)
