Neil CraigDec 4

ICYMI:

**Globalsign certs issued on Monday 1st Dec 2025 will not be trusted on some clients because they incorrectly use 2027 CT logs.**

You can simply reissue them to resolve the problem.

https://status.globalsign.com/incidents/49ndl5hz24h2

#PKI #GlobalSign #WebDev #TLS #CTLogs

SSL errors occur for TLS certificates issued on December 1

GMO GlobalSign's Status Page - SSL errors occur for TLS certificates issued on December 1.

Show threadhalSep 28, 2025
@fluepke Ich hab meine von #GlobalSign
CyberVeille.chJul 8, 2025
📱 DĂ©couverte d'une variante backdoor de SonicWall NetExtender
📝 Dans un rapport publiĂ© par eSentire, leur **Threat Response Unit (TRU)** a dĂ©couvert en juin 2025 une version backdoor du client **SonicWa...
📖 cyberveille : https://cyberveille.ch/posts/2025-07-08-decouverte-d-une-variante-backdoor-de-sonicwall-netextender/
🌐 source : https://www.esentire.com/blog/threat-actors-recompile-sonicwalls-netextender-to-include-silentroute-backdoor
#GlobalSign #NetExtender #Cyberveille
DĂ©couverte d'une variante backdoor de SonicWall NetExtender

Dans un rapport publiĂ© par eSentire, leur Threat Response Unit (TRU) a dĂ©couvert en juin 2025 une version backdoor du client SonicWall NetExtender, dĂ©signĂ©e sous le nom de SilentRoute par Microsoft. Cette version malveillante est presque identique au logiciel lĂ©gitime, mais avec des modifications subtiles permettant l’exfiltration de donnĂ©es sensibles. Le processus d’infection commence lorsque l’utilisateur tĂ©lĂ©charge le client NetExtender depuis un site frauduleux imitant la page officielle de SonicWall. Le fichier tĂ©lĂ©chargĂ©, un installateur MSI signĂ© nommĂ© “SonicWall-NetExtender.msi”, utilise un certificat numĂ©rique frauduleux Ă©mis par GlobalSign, permettant de contourner la protection SmartScreen de Microsoft.

CyberVeille
Max ResingSep 11, 2024

20$ and a few days of enthusiasm and work granted a researcher access to way too many moving parts of the mobi. #TLD, because the #whois server domain changed. If I understand it correctly did the researcher simply register the old #domain.

arstechnica.com reports that the user was even able to "rightfully" claim ownership of certificates. The example mentioned is, that he could have claimed authority over "microsoft[.]mobi" of which #GlobalSign is the #certificate #authority.

Recommend to give this article at least a brief read.

#DNS #infosec #whois #infrastructure #digitalgovernance

Rogue WHOIS server gives researcher superpowers no one should ever have

.mobi top-level-domain managers changed the location of its WHOIS server. No one got the memo.

Ars Technica
W3TechsJan 2, 2024
#GlobalSign is the SSL certificate authority of the year
https://w3techs.com/blog/entry/web_technologies_of_the_year_2023
Web Technologies of the Year 2023

ThortiJan 20, 2021
Strange: #Globalsign Root CA - R3 ist plötzlich #revoked ?
Auf https://revoked.r3.roots.globalsign.com kommt man net mehr drauf, aber https://valid.r3.roots.globalsign.com sagt Zertifikat ist valid. Diverse Browser werfen aber seit ca. 30min Fehler...
GlobalSign Root CA - R3