|
This is a courtesy notice that if your company has Entrust-issued TLS certificates in load-bearing capacities, you would do well to figure out how you would move to either or both of a) another CA, or b) 90-day cert validity periods . Thank you. You may return to burning effigies of the Palo Alto product manager of your choice.
|
# ? May 6, 2024 15:26 |
|
|
# ? May 7, 2024 14:30 |
|
Subjunctive posted:This is a courtesy notice that if your company has Entrust-issued TLS certificates in load-bearing capacities, you would do well to figure out how you would move to either or both of a) another CA, or b) 90-day cert validity periods . your certificate authority is a piece of poo poo
|
# ? May 6, 2024 15:37 |
|
Look some were issued incorrectly but our clients told us it would be disruptive for us to revoke them and the customer is always right you see
|
# ? May 6, 2024 15:49 |
tadashi posted:I love how smug I feel when I don't get an interview for an infosec job I applied for and then the company has a huge information security issue.
|
|
# ? May 6, 2024 15:56 |
|
BlankSystemDaemon posted:It means they were looking to hire someone to take the fall for existing issues. I find that the issues are already a known issue internally and this is to backfill the current fall guys.
|
# ? May 6, 2024 16:11 |
|
Sickening posted:I find that the issues are already a known issue internally and this is to backfill the current fall guys. How much is the going rate for professional fall guy?
|
# ? May 6, 2024 16:12 |
|
BlankSystemDaemon posted:It means they were looking to hire someone to take the fall for existing issues.
|
# ? May 6, 2024 17:47 |
|
Subjunctive posted:This is a courtesy notice that if your company has Entrust-issued TLS certificates in load-bearing capacities, you would do well to figure out how you would move to either or both of a) another CA, or b) 90-day cert validity periods . Anyone got a summary I can put in front of my CISO boss's eyes
|
# ? May 6, 2024 18:07 |
|
https://substack.com/@aaomidi
|
# ? May 6, 2024 18:09 |
|
Rust Martialis posted:Anyone got a summary I can put in front of my CISO boss's eyes
|
# ? May 6, 2024 18:10 |
|
I finally registered to take the CISSP. I've used the official study guide, some classes, Destination CISSP, CISSP flash cards, podcasts. Basically everything I can think of other than actual Brain Dumps/test banks. Any last advice from anyone?
|
# ? May 6, 2024 18:17 |
|
Rust Martialis posted:Anyone got a summary I can put in front of my CISO boss's eyes Expecting one from the head of Mozilla’s root program in the next day or two, maybe today. Amir’s above is pretty good though incomplete.
|
# ? May 6, 2024 18:24 |
|
Another successful goon project
|
# ? May 6, 2024 18:27 |
|
Serious Hardware/Software Crap › The Infosec Thread: Yes, time to move off Entrust
|
# ? May 6, 2024 18:45 |
|
En"Trust"
|
# ? May 6, 2024 18:57 |
|
Zero trust refers to vendors
|
# ? May 6, 2024 19:09 |
|
unknown posted:Serious Hardware/Software Crap › The Infosec Thread: Yes, time to move off Entrust lol, this is great. Reported it to remind myself next time I'm at a computer.
|
# ? May 6, 2024 19:59 |
|
Rust Martialis posted:Anyone got a summary I can put in front of my CISO boss's eyes https://wiki.mozilla.org/CA/Entrust_Issues just dropped waiting for Bruce Morton to release a diss track response
|
# ? May 6, 2024 22:09 |
|
Subjunctive posted:https://wiki.mozilla.org/CA/Entrust_Issues just dropped Step aside Kendrick, Bruce has beef
|
# ? May 6, 2024 22:14 |
|
|
# ? May 7, 2024 14:30 |
|
Oct posted:I haven't vetted these myself but the folks behind the DFIR Report have started offering a few hands-on labs which might be good: I'll take a look at these, thanks!
|
# ? May 7, 2024 00:06 |