Leveraging trusted internal channels has long been a gold standard for cybercriminals seeking to evade organizational defenses, but a recent campaign uncovered by Proofpoint signals a new level of ingenuity in exploiting a familiar Microsoft 365 feature: Direct Send. This functionality, designed...
The landscape of enterprise security is continually shaped by the challenge of maintaining trust in a rapidly evolving certificate ecosystem. As Windows environments become even more integral to critical business operations, Microsoft’s Application Control for Business—previously known as...
application control
ca lifecycle
ca transition
certificate authorities
code signing
digitalcertificates
endpoint security
enterprise security
microsoft ca
pki
policy management
security automation
security best practices
security compliance
security policy
trust inference
trust management
windows defender
windows security
windows updates
As enterprise security needs grow more complex and digital threats evolve, Microsoft continues to adapt its security framework accordingly. With the recent overhaul in Application Control for Business—formerly known as Windows Defender Application Control (WDAC)—organizations now face...
The silent war over corporate Domain Name System (DNS) integrity is intensifying, with global cyber adversaries relentlessly probing for gaps in the digital fabric that connects modern enterprises. In response to this growing threat landscape, Akamai has announced the launch of its DNS Posture...
automated security
certificate management
cloud compliance
cloud infrastructure
cloud security
cybersecurity
digitalcertificates
dns attack prevention
dns configuration
dns integrity
dns monitoring
dns posture management
dns security
dns threat detection
dns vulnerabilities
managed security services
multi-cloud security
quantum-resistant dns
security automation
security operations center
The latest evolution of Windows support for Application Control for Business introduces a significant and controversial overhaul: a new Certificate Authority (CA) handling logic designed to bolster software trust and compliance in modern enterprise environments. Users and administrators who rely...
Microsoft's Application Control for Business (ACfB), formerly known as Windows Defender Application Control (WDAC), has introduced a significant enhancement in its certificate authority (CA) handling logic. This update aims to bolster security by refining how digital certificates are managed...
acfb
application control
business security
ca trust management
certificate authorities
code integrity
credential validation
cybersecurity
digitalcertificates
it security management
malware prevention
microsoft
security enhancement
security policies
security policy customization
system administration
threat mitigation
trusted cas
windows defender
windows security
A new wave of concern has emerged in Microsoft-focused IT circles following the tech giant’s recent disclosure of a significant security vulnerability within Active Directory Certificate Services (AD CS). Identified as CVE-2025-29968, this vulnerability puts a spotlight on the enduring...
active directory
ad cs
authentication security
cve-2025-29968
cybersecurity
denial of service
digitalcertificates
enterprise security
infrastructure security
it security best practices
microsoft security
network security
patch management
pki security
security patch
security vulnerability
threat awareness
vulnerability management
windows server
For users who have grown accustomed to sticking with legacy versions of software, the world continues to evolve around them—sometimes with unforeseen and disruptive consequences. An upcoming change scheduled for March 14, 2025, is about to illustrate this reality for countless Firefox users...
add-ons
browser compatibility
browser support
browser upgrade
cyber threats
cybersecurity
digitalcertificatesdigital rights management
extended support release
firefox
internet security
legacy systems
mozilla
operating systems
root certificate
security best practices
security risks
software updates
web compatibility
web security
In today's interconnected world, where safeguarding digital assets and maintaining trust are paramount, the marriage of DigiCert ONE and Microsoft Azure couldn't come at a better time. DigiCert, a titan in the domain of digital trust and public key infrastructure (PKI), has strategically aligned...
Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm (called “SHAttered”). This is a significant step toward understanding this type of security issue...
Revision Note: V2.0 (May 18, 2016): Advisory updated to provide links to the current information regarding the use of the SHA1 hashing algorithm for the purposes of SSL and code signing. For more information, see Windows Enforcement of Authenticode Code Signing and Timestamping.
Summary...
Revision Note: V1.0 (January 12, 2016): Advisory published.
Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy no longer allows root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of...
Revision Note: V1.0 (January 12, 2016): Advisory published.
Summary: Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy no longer allows root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of...
Revision Note: V1.0 (November 30, 2015): Advisory published.
Summary: Microsoft is aware of unconstrained digital certificates from Dell Inc. for which the private keys were inadvertently disclosed. One of these unconstrained certificates could be used to issue other certificates, impersonate...
Revision Note: V1.0 (November 30, 2015): Advisory published.
Summary: Microsoft is aware of unconstrained digital certificates from Dell Inc. for which the private keys were inadvertently disclosed. One of these unconstrained certificates could be used to issue other certificates, impersonate...
Revision Note: V1.0 (September 24, 2015): Advisory published.
Summary: Microsoft is aware of four digital certificates that were inadvertently disclosed by D-Link Corporation that could be used in attempts to spoof content. The disclosed end-entity certificates cannot be used to issue other...
Revision Note: V1.0 (September 24, 2015): Advisory published.
Summary: Microsoft is aware of four digital certificates that were inadvertently disclosed by D-Link Corporation that could be used in attempts to spoof content. The disclosed end-entity certificates cannot be used to issue other...
Revision Note: V1.0 (March 24, 2015): Advisory published.
Summary: Microsoft is aware of improperly issued digital certificates coming from the subordinate CA, MCS Holdings, which could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. The...
Revision Note: V1.0 (March 16, 2015): Advisory published.
Summary: Microsoft is aware of an improperly issued SSL certificate for the domain “live.fi” that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported...
Revision Note: V1.0 (March 16, 2015): Advisory published.
Summary: Microsoft is aware of an improperly issued SSL certificate for the domain “live.fi” that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported...