Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Unauthorized certificates issued for several Google domains

Unauthorized certificates issued for several Google domains

2015/03/24

Softpedia - (International) Security engineers at Google reported that intermediate certificate authority at Egypt-based MCS Holdings caused certifications for several Google domains that are trusted by most operating systems (OS) and Web browsers to be issued without authentication, leaving users vulnerable to impersonation and secure communication decryption via man-in-the-middle (MitM) attacks. Users of Google Chrome and Mozilla Firefox versions starting 33 are unaffected by the issue.

Source: http://news.softpedia.com/news/Unauthorized-Certificates-Issued-for-Some-Google-Domains-476583.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:23:50