Issuing and installing SSL certificates doesn’t have to be a challenge, especially when there are tools like acme.sh available. Jack Wallen shows you how to install and use this handy script. Image: Getty Images/iStockphoto Installing SSL certificates isn’t difficult, but it’s a process every Linux administrator will have to take on at some point in their career. One of the more popular methods of getting and installing SSL certificates on Linux is by way of…

An alert has been issued by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) over Conti ransomware. In the warning, which was posted on September 22, the agencies observed the increased use of Conti in more than 400 attacks against organizations in the United States and internationally.  The alert said that Conti actors often get network access via spearphishing campaigns, stolen or weak Remote Desktop Protocol (RDP) credentials, phone calls, fake software…

A court in Illinois has issued an opinion clarifying how the statute of limitations should be applied to the state’s Biometric Information Privacy Act (BIPA). In what The National Law Review described as “a highly anticipated ruling,” the Illinois Appellate Court published an opinion that while a one-year deadline would be applied to claims based on unlawful profit or disclosure, claims relating to data retention policy disclosure, informed consent, and safeguarding would have a limitation period of five years. …

What is Cloud Workload Protection? Cloud Workload Protection is the process of keeping workloads that move across different cloud environments secure. The entire workload must be functional for a cloud-based application to work properly without introducing any security risks. Cloud workload protection is therefore fundamentally different from application security on a desktop machine. Today, many organizations are in flux with these environments and leverage a hybrid cloud model with a combination of infrastructure on-premises and…

Specops recently released a roundup of the top 20 TV shows found on breached password lists. These shows offer plenty of entertainment, but aren’t ideal for password inspiration. Sorry, “Cheers” fans. Image: Daniel Chetroni/Shutterstock Forgotten passwords can be a time suck and a general drag. As a result, people often resort to less than ideal cybersecurity strategies. On Monday, Specops Software, a password management and authentication company, released a roundup of the popular TV shows…

Attackers can easily buy, deploy and scale phishing campaigns to steal credentials and other sensitive data, says Microsoft. Image: iStock/OrnRin Just as many legitimate businesses outsource operations and services, so do cybercriminals. Cybercrime as a service has expanded to malware, ransomware and even phishing campaigns. A Microsoft blog post published on Tuesday looks at one specific phishing-as-a-service operation and the danger it poses to organizations. SEE: Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic)   Named BulletProofLink,…