Mozilla has joined Google in revoking trust for certificates issued by the China Internet Network Information Center (CNNIC) Certificate Authority.
In the wake of last week's incident caused by the issuance of unauthorized digital certificates for a number of Google domains by the hands of MCS Holdings, an intermediate CA operating under the China Internet Network Information Center (CNNIC), Google has decided to make its Chrome browser no longer recognise the digital certificate issued by CNNIC as valid.
After the recent revelation that Lenovo has been shipping some of it laptops with pre-installed adware that's also breaking the security of secure connections by using self-signed MITM SSL certificates, the company has attempted to minimize the fallout by reiterating the initial explanation about why they did it: to help their customers.
Gogo, a noted provider of in-flight broadband Internet service, has been spotted serving a fake Google SSL certificate to fliers trying to access YouTube, effectively performing a Man-in-the-Middle attack against them.
An unnamed security researcher says that Cyanogenmod, the popular Android-based mobile OS, sports a zero-day vulnerability that can be misused to target users with Man-in-the-Middle attacks.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.