February 06, 2020 – Cyemptive Technologies, a provider of preemptive cybersecurity products and technology and winner of the Department of Homeland Security’s national competition for most innovative solutions in the market, today warned of continuing dangers to businesses and government entities from hacked and hijacked digital certificates. Cyemptive detected the Windows CryptoAPI (Crypt32.dll) issue, now CVE-2020-0601, more than 12 months ago and detected the collectors harvesting entities certificates and keys.
“Digital certificates are hacked and harvested on an average of every 10 minutes or less,” said Rob Pike, founder and CEO of Cyemptive. “In the past, companies have focused on issuing patches; however, less than one percent of the market has actually replaced their digital certificates and keys. The result is that most organizations are still vulnerable to cyber hacks and hijacking through their digital certificates.”
According to industry research, hacking or hijacking of digital certificates has been a growing cybersecurity threat for enterprises of all sizes especially in the past year. Digital certificates are an important part of the security mix for businesses and government entities, offering an extra layer of security by providing electronic “passwords” that allow people and organizations to securely exchange data over the Internet. Computers whose digital certificates are compromised, open themselves to malware attacks that can gain full access to the computer, stealing any information it finds.
“Even if companies have taken measures to update their libraries, it is important for them to replace their digital keys and certificates as well,” said Pike. “Although the library may be patched, the digital certificate has already been exposed in clear text and extracted over the past year, especially from the top businesses today. The market needs to quickly regenerate new keys, certificates and make sure the patches are applied.“
About Cyemptive Technologies
Founded in 2014, Cyemptive is a provider of preemptive cybersecurity products and technology. With a leadership team comprised of executives from several of the world’s most powerful technology and security organizations, including the former CIO of Microsoft and the former Chief Computer Architect for the National Security Agency, the company’s focus is on delivering an alternative approach to security. It is winner of the Department of Homeland Security’s Border Security Technology Consortium (BSTC) competition for most innovative border security-related solution in the market. More information about Cyemptive Technologies is available at www.cyemptive.com.
For more information please contact: