A recent survey by AppViewZ found that internet certificates are exposed to vulnerabilities. The survey found that nearly 80% of transport layer security (TLS) certificates on the internet are vulnerable to Man in the Middle (MiM) attacks, while as many as 25% of all certificates are expired at any given time.

Survey highlights include:

• 21% of servers on the internet utilize TLS 1.3, meaning 79% of SSL certificates in use today are still subject to MiM attacks.
• Up to 25% of certificates on the internet pose a security threat because are expired (10%) or self-signed (15%) which are not considered secure for publicly accessible websites or services.
• 45% of IP addresses exposed to the top 10 vulnerabilities also had expired certificates (22%) or self-signed certificates (23%).
• The Generic Top-Level Domains (gTLDs) with the most expired certificates are:
  • .org (15%)
  • .com (12%)
  • .mil (11%)