After last week's revelation that their corporate network has been hit by APT actors wielding a newer version of the infamous, Stuxnet-related Duqu attack toolkit, Kaspersky Lab researchers have shared more details about how the attackers achieved persistence in it.
After the Superfish debacle earlier this year, Lenovo's security practices have once again been found lacking as researchers have discovered several vulnerabilities in the company's System Update software.
Mozilla has joined Google in revoking trust for certificates issued by the China Internet Network Information Center (CNNIC) Certificate Authority.
In the wake of last week's incident caused by the issuance of unauthorized digital certificates for a number of Google domains by the hands of MCS Holdings, an intermediate CA operating under the China Internet Network Information Center (CNNIC), Google has decided to make its Chrome browser no longer recognise the digital certificate issued by CNNIC as valid.
After the recent revelation that Lenovo has been shipping some of it laptops with pre-installed adware that's also breaking the security of secure connections by using self-signed MITM SSL certificates, the company has attempted to minimize the fallout by reiterating the initial explanation about why they did it: to help their customers.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.