{"id":10938,"date":"2024-07-02T11:00:44","date_gmt":"2024-07-02T09:00:44","guid":{"rendered":"https:\/\/cyberinsights.iainfraser.net\/?p=10938"},"modified":"2024-07-03T10:35:29","modified_gmt":"2024-07-03T08:35:29","slug":"entrust-digital-certificates","status":"publish","type":"post","link":"https:\/\/smecyberinsights.co.uk\/index.php\/2024\/07\/02\/entrust-digital-certificates\/","title":{"rendered":"THREAT INTEL: Replace Entrust Digital Certificates Now, before they become Untrusted on 1 Nov 2024."},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\"standard-quality-control-collage\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t
Image Credit: FreePik<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

Gibraltar: Tuesday 02 July 2024 at 11:50 CET<\/p>\n

THREAT INTEL: Replace Entrust Digital Certificates Now, before they become Untrusted on 1 Nov 2024.<\/strong><\/p>\n

By Andy Jenkinson \u2013 Guest Contributor |\u00a0 Group CEO\u00a0Cybersec Innovation Partners<\/a>
\nvia CYBERInsights<\/a>
\nFirst for\u00a0SME Cybersecurity News<\/a>
\nGoogle Indexed on 020724 at 12:20 CET<\/a><\/p>\n

#CyberInsights #SMECybersecurityNews #Cybersecurity #WhitethornShield #InternetSecurity #DNS #PKI<\/em><\/p>\n

\n
\n
\n

The Countdown is on<\/strong>: There are 123 Days to identify and replace Entrust<\/a> Digital Certificates<\/strong> before they become Untrusted on 1 Nov 2024.<\/p>\n

The task, in order or importance:<\/p>\n

1) Identify ALL Internet Facing Assets using Entrust<\/a><\/strong> Certs
\n2) Replace ALL Entrust<\/a><\/strong> Certs by 1 November 2024<\/p>\n

Sounds easy doesn’t it. The challenge however is vast. The majority of companies DO NOT<\/strong> have a full inventory of their Internet Assets mainly due to the ‘Digital Gold Rush<\/strong>‘ over the last 15 -20 years.<\/p>\n

Hundreds, even Thousands of subdomains are literally strewn all over the place used by criminals to gain unlawful Access into a Network. That’s before we start thinking configuration, redirection, and of course DNS<\/strong>… Servers using Entrust<\/strong><\/a> Certs will also be effected.<\/p>\n

Sadly, we are not able to help everyone, however, Whitethorn and Whitethorn Shield can identify ALL Internet Assets and Identify the Digital Certificate issuer whether it be DigiCert<\/a>,<\/strong> GlobalSign<\/strong><\/a>, or any other, including Entrust<\/a><\/strong>.<\/p>\n<\/div>\n<\/div>\n<\/div>\n

\n
\n
<\/div>\n<\/div>\n<\/div>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"AJ_010724_2\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n
\n


\nOnce identified, the appropriate certs can be replaced with certs from a Trusted provider. Panic over…<\/p>\n

As I say, the scale of the problem is pretty vast and unfortunately the only way we could ever hope to identify ALL Entrust<\/strong><\/a> Certs in the wild is if Entrust<\/a><\/strong> themselves were to offer this as a service from us. That is unlikely to happen so in the meantime, please start forming an orderly que.<\/p>\n

andrew.jenkinson@cybersecip.com<\/a><\/p>\n

Cybersec Innovation Partners<\/a>
\nGCHQ<\/a>
\nFBI Cyber Division<\/a>
\nInformation Commissioner’s Office<\/a>
\nU.S. Securities and Exchange Commission<\/a>
\nICANN<\/a>
\nIETF<\/a>
\nBBC News<\/a>
\nITV News<\/a>
\nABC News<\/a>
\nCNBC<\/a>
\nhashtag<\/span>#<\/span>InternetSecurity<\/a>
\nDNS<\/a> PKI<\/a><\/span><\/span><\/p>\n

 <\/p>\n<\/div>\n<\/div>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLearn More \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

About Andy Jenkinson<\/span><\/strong><\/p>\n

Group CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. Recognised Expert in Internet Asset & DNS Vulnerabilities.<\/span><\/strong><\/p>\n

Andy Jenkinson is a senior and seasoned innovative Executive with over 30 years\u2019 experience as a hands-on lateral thinking CEO, coach, and leader. A \u2018big deal\u2019 business accelerator, and inspirational, lateral thinker, Andy has crafted, created, and been responsible for delivering 100\u2019s \u00a3 millions of projects within the Cyber, Technical, Risk and Compliance markets for some of the world\u2019s largest, leading organisations. Andy has a demonstrable track record of largescale technical delivery and management within many sectors including the Professional, Managed, and Financial Services.<\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLearn More \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t\t
\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Image Credit: FreePik Learn More \/… Learn More \/…<\/p>\n","protected":false},"author":1,"featured_media":10942,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"cybocfi_hide_featured_image":"yes","footnotes":""},"categories":[440],"tags":[439],"ppma_author":[505],"class_list":["post-10938","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyberthreat-intel","tag-cyberthreat-intel"],"featured_image_urls":{"full":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-1.jpg",400,267,false],"thumbnail":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-1-150x150.jpg",150,150,true],"medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-1-300x200.jpg",300,200,true],"medium_large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-1.jpg",400,267,false],"large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-1.jpg",400,267,false],"1536x1536":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-1.jpg",400,267,false],"2048x2048":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-1.jpg",400,267,false],"covernews-featured":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-1.jpg",400,267,false],"covernews-medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/07\/standard-quality-control-collage-1.jpg",400,267,false]},"author_info":{"display_name":"Cybersecurity Journalist Iain Fraser","author_link":false},"category_info":"SME CYBER\/THREAT INTEL<\/a>","tag_info":"SME CYBER\/THREAT INTEL","comment_count":"0","authors":[{"term_id":505,"user_id":1,"is_guest":0,"slug":"admin_yjdstq4n","display_name":"Cybersecurity Journalist Iain Fraser","avatar_url":{"url":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png","url2x":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png"},"0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/10938","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/comments?post=10938"}],"version-history":[{"count":0,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/10938\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media\/10942"}],"wp:attachment":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media?parent=10938"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/categories?post=10938"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/tags?post=10938"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/ppma_author?post=10938"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}