Venafi research: Twenty-one percent of websites are still using insecure SHA-1 certificates and putting users at risk
New research from Venafi Labs shows that 21 percent of the world’s websites are still using certificates signed with the vulnerable Secure Hash Algorithm, SHA-1. On February 23, 2017, Google affiliated security researchers announced they cracked the SHA-1 security standard using a collision attack. The incident proved that the deprecated cryptographic secure hash algorithm still used to sign many website digital certificates can be manipulated. Newly issued certificates using the SHA-2 family of hash functions solve these problems, but Venafi Labs’ research shows that many companies have not replaced all their certificates with ones signed by SHA-2. This leaves organizations [...]