Protecting Public Key Infrastructure (PKI) Environments and Certificate Authorities (CAs) Against Password Fatigue and Authentication Risks: A Guide for Cybersecurity Professionals Using PKI Spotlight

By Josh Sommer | March 8, 2023 |
PKI Solutions MFA 2FA Multi Factor Authentication two factor authentication fatigue cybersecurity CA 3.8.23

Abstract  Public Key Infrastructure (PKI) and Certificate Authorities (CAs) play a crucial role in digital security, ensuring the authenticity and integrity of online communications. However, PKI and CA environments are vulnerable to various authentication risks, including password fatigue, which can compromise the security of an organization’s sensitive data. This guide provides insights into these risks…

Read More

Hidden switches of Certutil.exe and Certreq.exe

By ThePKIGuy | March 3, 2023 |

Hey Kids, Rock and Roll! Two of the most reliable toolsets in Windows for the last two decades have been the tandem of certutil.exe and certreq.exe. It’s no secret there are a wealth of very useful functions exposed in the basic usage of these tools, also documented publicly here: certutil.exe public documentation certreq.exe public documentation…

Read More

Gardening and Weeding Certificate Templates: Private Key Flags 

By Michael Bruno | January 18, 2023 |
Certificate Template Mismanagement Cybersecuroty Threat Risk Compliance Laws Regulations IT Insurance Risk Analysts and Audits

Mismanagement of certificate templates is one of the lowest of the low-hanging fruits when it comes to ADCS threat vectors. Among other things, a misconfigured certificate template can lead to a threat actor obtaining a certificate which could be used for privilege escalation up to and including Enterprise Administrator!  As you can imagine, it’s a…

Read More