Threat Post

Stealing Private SSL Keys Using Heartbleed Difficult, Not Impossible

Experts say it’s highly unlikely private SSL keys can be stolen by hackers using the Heartbleed OpenSSL bug, but not impossible. Heartbleed can be patched, and passwords can be changed. But can you ...
Ars Technica

Lavabit got order for Snowden’s login info, then gov’t demanded site’s SSL key

The American government obtained a secret order from a federal judge in Virginia demanding that Lavabit hand over its private SSL key, enabling authorities to access Edward Snowden’s e-mail—and e-mail ...
Threat Post

Group Publishes Database of Embedded Private SSL Keys

A new project has produced a large and growing list of the private SSL keys that are hard-coded into many embedded devices, such as consumer home routers. The LittleBlackBox Project comprises a list ...
Bleeping Computer

Trustico States They Stored Private Keys for Customers' SSL Certificates

Trustico, a reseller of SSL certificates, has stated that they stored the private keys of some of the SSL certificates it issued to its customers over the past years. This came in the form of a ...