Security Alerts & News
by Tymoteusz A. Góral

History
#463 Google builds list of untrusted digital certificate suppliers
Google's has bolstered its toolset for keeping tabs on digital certificate suppliers that go rogue.

That toolset, a Google-designed digital certificate logging system known as Certificate Transparency (CT), can help protect Chrome users from the kind of mis-issued Secure Sockets Layer (SSL) certificates that Symantec generated last year for some Google domains.

The incident sparked an angry response from Google, which demanded that from June 1, 2016, Symantec log all certificates it issues in line with Google's Chromium CT policy or else websites that rely on its certificates will be flagged as dangerous by Chrome.
#462 Microsoft adds new feature in Office 2016 that can block macro malware
Microsoft is finally addressing the elephant in the room in terms of security for Office users and has announced a new feature in the Office 2016 suite that will make it harder for attackers to exploit macro malware.
#461 Android rooting bug opens Nexus phones to “permanent device compromise”
Millions of Android phones, including the entire line of Nexus models, are vulnerable to attacks that can execute malicious code and take control of core functions almost permanently, Google officials have warned.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12