Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Notices by badkeys (badkeys@infosec.exchange)

Embed this notice
badkeys (badkeys@infosec.exchange)'s status on Saturday, 18-Jan-2025 20:17:25 JST badkeys
- Kevin Beaumont
- Dr. Christopher Kunz
@christopherkunz @GossiTheDog nothing spectacular, random small company webpages and some likely internal hostnames.

In conversation about 3 months ago from infosec.exchange permalink
Embed this notice
badkeys (badkeys@infosec.exchange)'s status on Tuesday, 26-Nov-2024 18:51:42 JST badkeys

I discovered a certificate using a "public private key", in this case a key that is part of OpenSSL's test suite. This would not necessarily be a particularly interesting event. It happens every now and then that people use private keys they find on the Internet, likely due to a lack of understanding of public key cryptography. I usually report them for revocation, and move on. However, this one is a bit more unusual. It has been issued by the CA Digicert - for a domain owned by Digicert. https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/d21mtDJ7YXQ
In conversation about 5 months ago from infosec.exchange permalink
Attachments
1. No result found on File_thumbnail lookup.
  
  Certificate with compromised key / *.digicert-demo.com

User actions

badkeys is an open-source tool and web service to identify compromised cryptographic keys.

Tags

(None)

Following 0

Followers 0

Groups 0

Statistics

User ID: 300377

Member since: 26 Nov 2024

Notices: 2

Daily average: 0

Feeds

Atom