The Dark Side of Certificates: Exposing Your Network to Hackers

A slightly dramatic title, but not misleading. Discover how the SAN field in TLS/SSL certificates often exposes too much information. The article also offers suggestions on how to mitigate the risk of expanding potential attack surfaces.

Results; all discovered hostnames from Fortune 500 base websites: https://gist.github.com/alen-z/90e805cb6309f67c3d15809a3b3e2...