CYBER Insights » THREAT INTEL: Replace Entrust Digital Certificates Now, before they become Untrusted on 1 Nov 2024.

THREAT INTEL: Replace Entrust Digital Certificates Now, before they become Untrusted on 1 Nov 2024.

standard-quality-control-collage (1)
Image Credit: FreePik

Gibraltar: Tuesday 02 July 2024 at 11:50 CET

THREAT INTEL: Replace Entrust Digital Certificates Now, before they become Untrusted on 1 Nov 2024.

By Andy Jenkinson – Guest Contributor |  Group CEO Cybersec Innovation Partners
via CYBERInsights
First for SME Cybersecurity News
Google Indexed on 020724 at 12:20 CET

#CyberInsights #SMECybersecurityNews #Cybersecurity #WhitethornShield #InternetSecurity #DNS #PKI

The Countdown is on: There are 123 Days to identify and replace Entrust Digital Certificates before they become Untrusted on 1 Nov 2024.

The task, in order or importance:

1) Identify ALL Internet Facing Assets using Entrust Certs
2) Replace ALL Entrust Certs by 1 November 2024

Sounds easy doesn’t it. The challenge however is vast. The majority of companies DO NOT have a full inventory of their Internet Assets mainly due to the ‘Digital Gold Rush‘ over the last 15 -20 years.

Hundreds, even Thousands of subdomains are literally strewn all over the place used by criminals to gain unlawful Access into a Network. That’s before we start thinking configuration, redirection, and of course DNS… Servers using Entrust Certs will also be effected.

Sadly, we are not able to help everyone, however, Whitethorn and Whitethorn Shield can identify ALL Internet Assets and Identify the Digital Certificate issuer whether it be DigiCert, GlobalSign, or any other, including Entrust.

AJ_010724_2


Once identified, the appropriate certs can be replaced with certs from a Trusted provider. Panic over…

As I say, the scale of the problem is pretty vast and unfortunately the only way we could ever hope to identify ALL Entrust Certs in the wild is if Entrust themselves were to offer this as a service from us. That is unlikely to happen so in the meantime, please start forming an orderly que.

[email protected]

Cybersec Innovation Partners
GCHQ
FBI Cyber Division
Information Commissioner’s Office
U.S. Securities and Exchange Commission
ICANN
IETF
BBC News
ITV News
ABC News
CNBC
hashtagInternetSecurity
DNS PKI

 

About Andy Jenkinson

Group CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. Recognised Expert in Internet Asset & DNS Vulnerabilities.

Andy Jenkinson is a senior and seasoned innovative Executive with over 30 years’ experience as a hands-on lateral thinking CEO, coach, and leader. A ‘big deal’ business accelerator, and inspirational, lateral thinker, Andy has crafted, created, and been responsible for delivering 100’s £ millions of projects within the Cyber, Technical, Risk and Compliance markets for some of the world’s largest, leading organisations. Andy has a demonstrable track record of largescale technical delivery and management within many sectors including the Professional, Managed, and Financial Services.