A Venafi survey of 300 Black Hat USA 2015 attendees reveals that most IT security professionals understand and acknowledge the risks associated with untrustworthy certificates and keys, but take no action.
After last week's revelation that their corporate network has been hit by APT actors wielding a newer version of the infamous, Stuxnet-related Duqu attack toolkit, Kaspersky Lab researchers have shared more details about how the attackers achieved persistence in it.
After the Superfish debacle earlier this year, Lenovo's security practices have once again been found lacking as researchers have discovered several vulnerabilities in the company's System Update software.
Mozilla has joined Google in revoking trust for certificates issued by the China Internet Network Information Center (CNNIC) Certificate Authority.
In the wake of last week's incident caused by the issuance of unauthorized digital certificates for a number of Google domains by the hands of MCS Holdings, an intermediate CA operating under the China Internet Network Information Center (CNNIC), Google has decided to make its Chrome browser no longer recognise the digital certificate issued by CNNIC as valid.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.