21% of websites still use insecure SHA-1 certificates 

New research from Venafi Labs shows that 21 percent of the world’s websites are still using certificates signed with the vulnerable Secure Hash Algorithm, SHA-1.On February 23, 2017, Google affiliated security researchers announced they cracked the SHA-1 security standard using a collision attack. The incident proved that the deprecated cryptographic secure hash algorithm still used to sign many website digital certificates can be manipulated.Newly issued certificates using the SHA-2 family of hash functions solve these problems, but Venafi Labs’ research shows that many companies have not replaced all their certificates with ones signed by SHA-2. This leaves organizations open to security breaches, compliance problems, and outages that can affect security, availability, reliability and even profits.

Source: 21% of websites still use insecure SHA-1 certificates – Help Net Security

Advertisements
Categories: Uncategorized

Post navigation

Comments are closed.

Create a free website or blog at WordPress.com.

%d bloggers like this: