10% of expired certificates on the internet pose a security threat

Image via Unsplash

A recent survey by AppViewZ found that internet certificates are exposed to vulnerabilities. The survey found that nearly 80% of transport layer security (TLS) certificates on the internet are vulnerable to Man in the Middle (MiM) attacks, while as many as 25% of all certificates are expired at any given time.

Survey highlights include:

21% of servers on the internet utilize TLS 1.3, meaning 79% of SSL certificates in use today are still subject to MiM attacks.
Up to 25% of certificates on the internet pose a security threat because are expired (10%) or self-signed (15%) which are not considered secure for publicly accessible websites or services.
45% of IP addresses exposed to the top 10 vulnerabilities also had expired certificates (22%) or self-signed certificates (23%).
The Generic Top-Level Domains (gTLDs) with the most expired certificates are:
- .org (15%)
- .com (12%)
- .mil (11%)

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.