Security Alerts & News
by Tymoteusz A. Góral

History
#2141 Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs
In a severe rebuke of one of the biggest suppliers of HTTPS credentials, Google Chrome developers announced plans to drastically restrict transport layer security certificates sold by Symantec-owned issuers following the discovery they have issued more than 30,000 certificates.

Effective immediately, Chrome plans to stop recognizing the extended validation status of all certificates issued by Symantec-owned certificate authorities, Ryan Sleevi, a software engineer on the Google Chrome team, said Thursday in an online forum. Extended validation certificates are supposed to provide enhanced assurances of a site's authenticity by showing the name of the validated domain name holder in the address bar. Under the move announced by Sleevi, Chrome will immediately stop displaying that information for a period of at least a year. In effect, the certificates will be downgraded to less-secure domain-validated certificates.
Read more
#2149 Soundwaves used to produce fake data from accelerometers
#2148 A new trend in Android adware: abusing Android plugin frameworks
#2147 LastPass bugs allow malicious websites to steal passwords
#2146 Winnti abuses GitHub for C&C communications
#2145 Lithuanian con artist scams two US tech giants out of $100 million
#2144 Chinese crooks use fake cellular telephony towers to spread Android malware
#2143 Hackers: We will remotely wipe iPhones unless Apple pays ransom
#2142 DoubleAgent: 0day code injection and persistence technique
#2141 Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs
#2140 New LLTP ransomware appears to be a rewritten venus locker
#2139 Swearing trojan continues to rage, even after authors’ arrest
#2138 Bitcoin scams: Beware of crooks trying to steal your cryptocurrency with these schemes
#2137 Word document spreads macro malware targeting both Windows and macOS
#2136 New WikiLeaks dump: The CIA built Thunderbolt exploit, implants to target Macs
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12