News 09-30-2021

Latest News in TLS/SSL: September 2021


Here is our latest news roundup of articles about network and TLS/SSL security. Click here to see the whole series..

TLS News

  • In September the number of web certificates in use surpassed 100 million for the first time. According to Netcraft, there were 100,323,811 valid certificates, an increase of 1.39% since August.
  • Apple is depreciating TLS 1.0 and 1.1 in both iOS and macOS. Currently, TLS 1.0 and 1.1 are not supported in iOS 15 and macOS 12, but all support will be removed in the future.
  • Let’s Encrypt’s root certificate, IdentTrust DST Root CA X3, expired Sept. 30. Any devices that do not trust the new the ISRG Root X1 root certificate will experience warnings on any sites with Let’s Encrypt certificates after Sept. 30.
  • The EFF announced plans to deprecate HTTPS Everywhere since HTTPS has been widely adopted.

Data breaches


  • Apple released an emergency software update Sept. 13 for a vulnerability in iPhone, iPad, Apple Watches and Mac Computers that allowed an advanced form of spyware from NSO Group, an Israeli company.
  • An attacker released nearly 90,000 credential sets for FortiGate SSL VPN devices. Users should reset their passwords to protect against network attacks.

Government regulation

  • The U.S. Office of Management and Budget released a draft of the Federal Zero Trust Strategy, which will help move government agencies to a baseline of zero trust.
  • U.S. President Joe Biden issued security guidance for companies to curb cyberattacks, especially following the recent hacks on U.S. companies.


Digital Signatures

Internet of Things

  • A new report by DigitalEurope found that the Internet of Things is missing product legislation for cybersecurity and lacks monitoring throughout a product’s lifecycle. The researchers recommend that the EU Commission launches proposals for legislation as soon as possible.

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories


Survey says: 1/3 of leaders are more vulnerable than they think

Lessons from the Equifax data breach

How poor certificate visibility led to a
76-day-long leak of sensitive information

Reflections and projections on DNS’s role in digital trust