News

News

• September 02, 2016 02 Sep'16

  The original hacker, Guccifer, sentenced to 52 months in prison

  Romanian hacker Guccifer, made famous for exposing the misuse of Hillary Clinton's personal email servers, was sentenced to 52 months in prison for unrelated crimes.

• September 01, 2016 01 Sep'16

  FBI wants 'adult' conversation about 'going dark' encryption debate

  FBI Director James Comey wants to have an 'adult' conversation on the encryption debate, but many think that means ignoring experts and embracing the 'going dark' argument.

• August 31, 2016 31 Aug'16

  SWIFT discloses new attacks and bank thefts in private letter

  SWIFT told clients there have been more attacks on its bank messaging system and some have resulted in bank thefts, but no solutions to security are available.

• August 30, 2016 30 Aug'16

  Voter data breach leads to questions of tampering and state security

  Election registration databases in two states were attacked and the resulting voter data breach has led to questions of possible election tampering and inadequate state security.

• August 29, 2016 29 Aug'16

  Pegasus iOS exploit uses three zero days to attack high-value targets

  A new remote iOS exploit called Pegasus leverages three zero days in what appear to be state-sponsored targeted attack campaigns against political dissidents.

• Sponsored News

  • It’s Time to Modernize Your SOC

    Sponsored by Microsoft - With the shift to remote work caused by COVID-19, Security Operations Centers (SOCs) are under more pressure than ever, particularly with many SOC workers also working from home. Today’s reality is that SOCs have to embrace a new way of working in order to keep their analysts and admins effective and to ensure that morale doesn’t collapse under the weight of too much work and pressure. See More

  • 6 Factors to Consider in Building Resilience Now

    Sponsored by Microsoft - COVID-19 has been, and continues to be, a stark reminder of the importance of business resilience. Organizations of all types and sizes have had to adjust to rapidly changing and unpredictable circumstances: A shift to remote work, supply chain disruptions, new digitally driven business models and an environment where uncertainty is the rule, not the exception. See More

  • Why Zero Trust, Why Now

    Sponsored by Microsoft - The concept of a Zero Trust cybersecurity architecture has been around for more than a decade, but adoption didn’t really begin to take hold until the past couple of years. As with many technology innovations, it hasn’t always been clear just what Zero Trust is all about and, more important, how to implement it easily and cost effectively. See More

  • 5 Best Practices To Secure Remote Workers

    Sponsored by Microsoft - The impact of COVID-19 has changed the dynamics and landscape of remote work for at least the foreseeable future and, probably, forever. All of a sudden, organizations across all industries had to scale remote workers at unprecedented intensity and speed. See More

  View All Sponsored News
• August 23, 2016 23 Aug'16

  Hospital cybersecurity failing to encrypt transmitted health records

  New research found a number of troubling issues with hospital cybersecurity, including transmitting unencrypted health records and failing to deploy cybersecurity measures.

• August 19, 2016 19 Aug'16

  Dell: Machine learning security hard to explain, harder to beat

  Dell's Brett Hansen explains why machine learning security is better than signature-based detection and how it can stop emerging threats.

• August 16, 2016 16 Aug'16

  Equation Group cyberweapons auctioned off; WikiLeaks promises release

  Cyberweapons purportedly stolen from the NSA-linked Equation Group have been put up for auction; WikiLeaks promises it will publish a 'pristine copy in due course.'

• August 12, 2016 12 Aug'16

  White House aims to secure open source government programs

  The White House unveils a new open source government policy and new research estimates the government's zero-day exploit stockpile to be smaller than expected.

• July 28, 2016 28 Jul'16

  Dell: Signature-based detection must give way to machine learning

  Dell's Brett Hansen discusses his company's new approach to advanced threat protection, which leaves behind signature-based detection and embraces machine learning.

• July 27, 2016 27 Jul'16

  LastPass security flaws put passwords at risk; patch rolling out

  Problems with LastPass security might have been improperly disclosed, putting user passwords at higher risk, but the flaws have already been fixed, with an update rolling out now.

• July 15, 2016 15 Jul'16

  FDIC found hiding multiple APT attacks and more from investigators

  An investigation by a federal committee found the FDIC had multiple breaches, including an APT attack, spanning years but hid the hacks from Congress.

• July 15, 2016 15 Jul'16

  EU member states approve EU-U.S. Privacy Shield data flow framework

  The EU-U.S. Privacy Shield framework takes effect, replacing Safe Harbor for transatlantic data flows; U.S. beefs up Cyber Command.

• July 12, 2016 12 Jul'16

  SWIFT banking security adds a dedicated cyberintelligence team

  SWIFT attempts to improve banking security include partnerships with two cybersecurity firms, and the creation of a new Customer Security Intelligence team.

• July 08, 2016 08 Jul'16

  Risk & Repeat: More critical Symantec vulnerabilities emerge

  In this Risk & Repeat podcast, SearchSecurity editors discuss a new Google Project Zero report on yet another round of critical Symantec vulnerabilities.

• July 07, 2016 07 Jul'16

  New EU GDPR privacy regulation set to take effect in 2018

  As the new General Data Protection Regulation privacy regulation looms, many firms face new rules and challenges to protect the privacy of EU citizens, regardless of location.

• July 06, 2016 06 Jul'16

  FBI says Hillary Clinton's email setup was irresponsible, not illegal

  The FBI gave a scathing review of Hillary Clinton's email setup, using personal servers for sensitive federal information, but deemed her actions were not illegal.

• July 01, 2016 01 Jul'16

  House Homeland Security Committee proposes encryption debate commission

  The House Homeland Security Committee officially proposed the creation of a commission to study both sides of the encryption debate and provide official recommendations.

• July 01, 2016 01 Jul'16

  Enterprise encryption strategies rise as firms' use of encryption grows

  Report: Enterprise encryption is on the rise as firms embrace use of encryption strategies; also, new Bart ransomware, IRS drops e-file PIN tool, and more.

• June 27, 2016 27 Jun'16

  Intel reportedly considering selling its security business

  New reports suggest Intel may be looking into selling off its security business, and experts are unclear whether it means Intel's McAfee acquisition has gone sour.

• June 24, 2016 24 Jun'16

  FBI surveillance access with National Security Letter unchanged, for now

  U.S. Senate fails to pass National Security Letter regulation to enhance warrantless FBI surveillance access to metadata, including email headers and browser history.

• June 22, 2016 22 Jun'16

  Activists, DOJ spar over Rule 41 changes to enhance FBI searches

  EFF and privacy activists oppose Rule 41 changes, while the Department of Justice claims the changes do not alter 'traditional protections' under the Fourth Amendment.

• June 17, 2016 17 Jun'16

  FBI facial recognition systems draw criticism over privacy, accuracy

  GAO report blasts FBI facial recognition programs over privacy and accuracy concerns; FBI systems offer access to over 411 million photos from federal and state sources.

• June 15, 2016 15 Jun'16

  SAP vulnerability, reported in 2010, finally patched

  SAP vulnerability patched, finally: The Java flaw was originally patched in 2010 but became the subject of an unprecedented US-CERT alert in May.

• June 15, 2016 15 Jun'16

  Ransomware worm raises concerns for enterprise security

  In this Risk & Repeat podcast, SearchSecurity editors break down the discovery of the ZCryptor ransomware worm and what it means for future ransomware threats.

• June 14, 2016 14 Jun'16

  Adobe Flash zero-day overshadows June 2016 Microsoft Patch Tuesday

  Microsoft's June 2016 Patch Tuesday release is not the most important of the day according to experts, instead another Adobe Flash zero-day vulnerability gets the spotlight.

• June 13, 2016 13 Jun'16

  Symantec acquisition of Blue Coat shakes up security industry

  Symantec agreed to acquire Blue Coat Systems for $4.65 billion, with Blue Coat CEO Greg Clark taking over as new CEO of the combined company.

• June 10, 2016 10 Jun'16

  Mozilla Secure Open Source Fund to aid developers with audits

  Mozilla created the Secure Open Source Fund to help developers perform security audits on software in an effort to reduce the potential of another Heartbleed or Shellshock.

• June 10, 2016 10 Jun'16

  Ransomware attack hits UCalgary as CryptXXX devs up their game

  As the University of Calgary contends with a ransomware attack, the actors behind CryptXXX are rolling out patches and upgrades and attackers are shifting from Angler to Neutrino EK.

• June 09, 2016 09 Jun'16

  Petraeus slams encryption backdoors, supports Apple

  Speaking at the Cloud Identity Summit, Gen. David H. Petraeus blasted the FBI's recent efforts to compel Apple to break the company's own encryption protection.

• June 07, 2016 07 Jun'16

  Angler exploit kit skips Microsoft EMET to subvert Flash, Silverlight

  FireEye researchers spotted the Angler exploit kit bypassing the current Microsoft EMET version 5.5 security tool running on Windows 7 to subvert Flash and Silverlight.

• June 03, 2016 03 Jun'16

  SandJacking attack enables installation of rogue apps on iOS devices

  Roundup: The new SandJacking attack technique allows attackers with physical access to iOS devices to install rogue apps. Plus, more on medical software security and Privacy Shield obstacles.

• June 02, 2016 02 Jun'16

  Lack of bug bounty programs won't deter cyber extortion attacks

  IBM reports 30 'bug poaching' cyber extortion attacks in the past year, as black hat hackers aim to "help" enterprises by exploiting SQL injection vulnerabilities.

• May 27, 2016 27 May'16

  RSA: Cloud visibility, analytics crucial to enterprises

  RSA's Rashmi Knowles spoke with SearchCloudSecurity about enterprises struggling with security visibility, and how analytics and data science can help.

• May 26, 2016 26 May'16

  Retiring obsolete SHA-1 and RC4 cryptographic algorithms, SSLv3 protocol

  Microsoft speeds deprecation of SHA-1, Google dropping support for RC4, SSLv3, as web software publishers approach end of life for obsolete cryptographic algorithms and protocols.

• May 24, 2016 24 May'16

  Lieu, Hurd school House colleagues on cyberhygiene, defense

  Former computer science majors Lieu and Hurd wrote to their U.S. House of Representatives colleagues, urging improved awareness of cyber risks and cyberhygiene.

• May 24, 2016 24 May'16

  Sorry Mr. Snowden -- encryption isn't the only path to security

  Encryption shouldn't be used to protect people from themselves, especially if it gets in the way of innovation.

• May 18, 2016 18 May'16

  Android clickjacking attack research updated but questions remain

  New research claims more than 95% of Android devices are vulnerable to clickjacking attacks, but the true danger may not be that severe.

• May 18, 2016 18 May'16

  Paul Vixie on the glibc bug, Internet crime and more

  Internet pioneer Paul Vixie spoke with SearchSecurity about Internet crime, the glibc bug and other pervasive vulnerabilities that may never be eradicated.

• May 13, 2016 13 May'16

  Google insider data breach exposed employee personal info

  Roundup: Google experiences an insider data breach, but the data leakage is cleaned up by a conscientious benefits manager. Plus, the FDIC reports five 'major' incidents, and more.

• May 13, 2016 13 May'16

  DHS warns on actively exploited SAP Java vulnerability

  DHS US-CERT warns of a patched SAP Java vulnerability from 2010 that has enabled breaches at three dozen global enterprises due to configuration issues.

• May 11, 2016 11 May'16

  Ransomware warning issued to Congress following attack

  Representatives in Congress have received a ransomware warning following an increased number of attacks perpetrated via phishing schemes.

• May 10, 2016 10 May'16

  May 2016 Patch Tuesday: IE zero-day patch tops the list

  Microsoft's May 2016 Patch Tuesday takes aim at an IE zero-day vulnerability, which experts say is the top priority, as well as a couple server-side flaws to keep an eye on.

• May 10, 2016 10 May'16

  U.S. intelligence agencies cut off from Twitter firehose

  Twitter ordered its business partner Dataminr to cut off the Twitter firehose feed access for U.S. intelligence agencies, but experts expect the NSA won't miss much.

• May 06, 2016 06 May'16

  Commercial code riddled with open source vulnerabilities

  Roundup: Customers, vendors both unaware of unpatched open source vulnerabilities in commercial software. Plus OpenSSL patches, warrantless wiretaps and more.

• April 22, 2016 22 Apr'16

  'Going dark' battle moves to Congressional encryption hearing

  Experts face off in Congress over 'going dark' encryption debate, stake out positions on security, privacy and government access; polls show support for strong encryption.

• April 21, 2016 21 Apr'16

  Google's second Android Security Report is a mixed bag

  The second annual Android Security Report details a number of ways Google has been working to improve security on its mobile platform but also highlights persistent problems.

• April 15, 2016 15 Apr'16

  Burr-Feinstein draft bill fuels encryption debate

  The encryption debate continues with release of the official draft of Burr-Feinstein 'Compliance with Court Orders Act of 2016' mandating court order compliance.

• April 12, 2016 12 Apr'16

  April 2016 Patch Tuesday: Badlock isn't a priority

  Microsoft's April 2016 Patch Tuesday includes a patch for Badlock, a vulnerability which experts call "overhyped," but the most important patches may need extra care to apply.

• April 12, 2016 12 Apr'16

  WordPress SSL now free for hosted sites, thanks to Let's Encrypt

  Customers with hosted sites will now have WordPress SSL turned on for free by default, thanks to Let's Encrypt certificates, potentially making a large number of websites more secure.

• April 08, 2016 08 Apr'16

  Encrypted messaging for all, as WhatsApp encryption announced

  WhatsApp encryption was turned on for all types of messaging, including group chats, which advanced the conversation on 'going dark,' as new encryption legislation draft goes public.

• April 05, 2016 05 Apr'16

  Gmail BREACH attack gets much faster but still easy to stop

  Security researchers updated BREACH attack that would allow a Facebook Messenger or Gmail breach to be performed much faster, but the overall risk is limited.

• March 29, 2016 29 Mar'16

  DOJ finds successful iPhone crack; drops backdoor bid, for now

  The DOJ found a successful iPhone crack to access the San Bernardino, Calif., terrorist's device and dropped the pending legal action against Apple, but only in that one case.

• March 25, 2016 25 Mar'16

  Congress considers 'going dark' encryption legislation

  Roundup: Sens. Dianne Feinstein and Richard Burr seek support for an encryption legislation draft, as U.S. politicians consider their options to address the 'going dark' problem.

• March 21, 2016 21 Mar'16

  Stagefright exploit created with reliable ASLR bypass

  Researchers have developed a Stagefright exploit, which could mean hundreds of millions of Android devices are at risk, despite mitigations and an available patch.

• March 18, 2016 18 Mar'16

  Apple court filing challenges iPhone backdoor as rhetoric heats up

  The rhetoric about the iPhone backdoor from Apple and the FBI has gotten more intense as Apple challenged the FBI in court by calling its motion unconstitutional.

• March 18, 2016 18 Mar'16

  Google boosts HTTPS, Certificate Transparency to encrypt Web

  Roundup: Google pushes efforts on HTTPS, Certificate Transparency and more to safeguard the Web with encryption, while other tech firms are eyeing more, stronger encryption.

• March 16, 2016 16 Mar'16

  Phishing campaign takes ransomware attacks to a global scale

  Research has uncovered ransomware attacks that begin with a sophisticated phishing campaign hitting users around the globe.

• March 11, 2016 11 Mar'16

  DROWN attack: TLS under fire again

  News roundup: DROWN attack affects millions of servers with an SSLv2 vulnerability; the Home Depot breach lawsuit settlement is pending; and Chinese smartphone-maker ZTE is sanctioned.

• March 08, 2016 08 Mar'16

  March 2016 Patch Tuesday highlights Windows 10 security

  Microsoft's March 2016 Patch Tuesday release has put Windows 10 security on display for good and bad, experts say.

• March 04, 2016 04 Mar'16

  McCaul pitches encryption commission to solve 'going dark' problem

  Rep. Michael McCaul makes the case for encryption commission legislation as an answer to the 'going dark' problem in the face of global cyberthreats.

• March 03, 2016 03 Mar'16

  Cybersecurity checklist a strategy tool for increasing attack costs

  The U.S. Cyber Consequences Unit rolled out a new version of its cybersecurity checklist, which it claims will help reduce attacks by increasing the costs of those attacks.

• March 03, 2016 03 Mar'16

  Admiral Rogers, chief of U.S. Cyber Command, seeks cooperation

  Private sector cooperation with the government is key to successful protection against cyberthreats, says U.S. Cyber Command chief Michael Rogers in an address to RSA Conference 2016.

• March 03, 2016 03 Mar'16

  Government encryption backdoor debate is more nuanced at RSAC

  RSAC panelists had a spirited and nuanced debate about government encryption backdoors, and the topic is more difficult to parse than expected.

• March 02, 2016 02 Mar'16

  Cybercrime trends point to growing sophistication

  Sophos' James Lyne warns that cybercriminals are becoming more effective, thanks to document-based malware and advanced social engineering techniques.

• March 02, 2016 02 Mar'16

  Bruce Schneier on IBM grabbing him up with Resilient Systems

  Bruce Schneier chats with SearchSecurity during lunch at RSAC about IBM's plans to acquire Resilient Systems to complete their security offering.

• March 01, 2016 01 Mar'16

  Incident response procedures speed discovery-response time

  Many companies become aware of a security event but take hours or days to perform triage and finally remediate it. Incident response procedures can vary based on the organization, and the type of security incident, which could involve DDoS attacks, ...

• March 01, 2016 01 Mar'16

  Yoran: Solve cybersecurity challenges with creativity, encryption

  Amit Yoran kicked off RSAC 2016 by publicly backing strong encryption, denouncing the 'going dark' debate and calling for more creativity in cybersecurity.

• February 26, 2016 26 Feb'16

  Lines drawn in iPhone backdoor case; Apple gets backup

  The public debate surrounding the iPhone backdoor case heats up; Apple and the FBI clarify their messages; and Apple gets legal support from major tech companies.

• February 24, 2016 24 Feb'16

  RSA Conference 2016: An opportunity to take a stand

  The technology industry has allowed the debate over encryption and "going dark" to get out of hand. But it can start to right that wrong at RSA Conference next week.

• February 19, 2016 19 Feb'16

  DHS posts CISA rules for reporting cyberthreat indicators

  Roundup: DHS posts first pass at guidelines for cyberthreat indicator reporting under CISA. Plus, the U.S. planned a major cyberattack against Iran if nuclear diplomacy had failed, and more news.

• February 17, 2016 17 Feb'16

  Security startups vie for honors in RSA Innovation Sandbox

  The RSA 2016 Innovation Sandbox competition highlights the top security startups, but only one will be awarded title of 'RSA Conference 2016's Most Innovative Startup.'

• February 17, 2016 17 Feb'16

  Court rules Apple needs iPhone backdoor; Tim Cook opposes

  A court order has ruled that Apple needs to create an iPhone backdoor to unlock the device used by the gunman in the San Bernardino killings, but Tim Cook opposed the ruling.

• February 12, 2016 12 Feb'16

  Uncertainty over Privacy Shield as Facebook faces penalties

  Roundup: Details are uncertain for the EU-U.S. Privacy Shield framework, as Facebook is charged with privacy violations in France over the use of the now-illegal Safe Harbor framework; more news.

• February 11, 2016 11 Feb'16

  IRS hack leveraged stolen Social Security numbers

  An IRS hack has compromised thousands of tax returns, and the attack was made possible through the use of stolen Social Security numbers.

• February 10, 2016 10 Feb'16

  Congress Republicans rebuff Obama cyber budget effort

  Obama ups spending by 35% in the 2017 cyber budget, adds a federal CISO and pushes multifactor authentication, but still faces stiff Republican opposition in Congress.

• February 09, 2016 09 Feb'16

  February 2016 Patch Tuesday: IE Flash vulnerabilities get a bulletin

  Microsoft's February 2016 Patch Tuesday release goes after Adobe Flash vulnerabilities and more Windows Journal flaws.

• February 05, 2016 05 Feb'16

  Researchers offer motive behind China cyberattacks

  Roundup: A new report may explain China's cyber targeting of health insurers. Plus, malware activity shows a big rise at year-end; more software vulnerabilities were reported.

• February 04, 2016 04 Feb'16

  Former CIA/NSA director Hayden supports strong encryption

  Former CIA and NSA director General Michael Hayden came out in favor of strong encryption but representatives in Congress and the Senate are continuing to pursue encryption backdoor legislation.

• February 03, 2016 03 Feb'16

  Costly government cybersecurity system needs major changes

  A new report on the EINSTEIN government cybersecurity system concluded that it is only 'partially meeting its stated system objectives,' and needs some major changes.

• February 01, 2016 01 Feb'16

  Threat defense, hybrid clouds and 'connections others miss'

  We often talk about shifts in information security from advanced threats to emerging technology defenses, but this year marks a few major turning points.

• January 29, 2016 29 Jan'16

  Deadline looms for Safe Harbor framework successor

  Roundup: As the deadline looms to replace the Safe Harbor data-sharing framework, the U.S. and EU continue to make progress; Senate is ready to vote on the Judicial Redress Act.

• January 29, 2016 29 Jan'16

  OpenSSL patch fixes encryption flaw and strengthens Logjam defense

  A new OpenSSL patch fixes a severe encryption flaw and strengthens the protocol against the Logjam vulnerability.

• January 28, 2016 28 Jan'16

  Oracle closing an attack vector by deprecating the Java browser plug-in

  Oracle announced plans to deprecate the Java browser plug-in, a noted attack vector, though the choice was not entirely its own.

• January 27, 2016 27 Jan'16

  Congress demands Juniper backdoor audits by government agencies

  Congressional oversight committee wants to know which U.S. government agencies used firewalls that may have been affected by the recently uncovered Juniper backdoor vulnerability.

• January 26, 2016 26 Jan'16

  Fortinet SSH vulnerability more widespread than thought

  Fortinet denies that a vulnerability found in many of its products is a true backdoor, but finds that the flaw is more widespread than once thought.

• January 22, 2016 22 Jan'16

  Will California ban smartphone encryption?

  News roundup: California mulls a ban on encrypted smartphone sales; France backs away from encryption backdoors; EU and U.K. privacy regulations; key escrow fail and more.

• January 21, 2016 21 Jan'16

  Linux kernel vulnerability has unknown risk, but Google has fix

  A newly found Linux kernel vulnerability has garnered big headlines. Google said the risk to Android has been overstated, and experts are unsure about the danger to the wider Linux ecosystem.

• January 15, 2016 15 Jan'16

  Trend Micro Password Manager flaw; backdoors and passwords

  In this roundup, Trend Micro's Password Manager flamed over JavaScript flaw; Android malware breaks two-factor authentication; Cisco vulnerabilities; Juniper backdoor update and more.

• January 14, 2016 14 Jan'16

  Microsoft Silverlight patch might be a Hacking Team zero day

  A Microsoft Silverlight patch becomes more important as researchers claim it may be a Hacking Team zero day that has been known for years.

• January 12, 2016 12 Jan'16

  January 2016 Patch Tuesday: Address-spoofing patch starts the new year

  Microsoft's January 2016 Patch Tuesday started the year with the IE end of life for older versions of the browser and an important address-spoofing patch.

• January 08, 2016 08 Jan'16

  Cybersecurity and CES 2016: A comedy of omissions

  CES 2016 has come to a close, and once again the mega-trade show had little to offer in terms of information security. Here's why that's bad news.

• December 30, 2015 30 Dec'15

  Adobe issues emergency patch for critical Flash vulnerabilities

  Just weeks after its biggest security update of the year, Adobe issued emergency patches for a new round of Flash bugs, including one already being exploited by attackers.

• December 29, 2015 29 Dec'15

  Open database exposes 191 million voter registration records

  A mysterious voter database containing 191 million voter registration records found last week was online for over a week, with few clues as to who is responsible.

• December 23, 2015 23 Dec'15

  Juniper firewall backdoors add fuel to encryption debate

  Juniper firewalls are reportedly vulnerable to two serious backdoors, and the NSA may be at least indirectly responsible for one that exposes VPN data.

• December 22, 2015 22 Dec'15

  PCI DSS 3.1 deadline for TLS migration pushed back

  The Payment Card Industry Security Standards Council unexpectedly pushed back the deadline for enterprises to migrate off of early versions of TLS.

• December 18, 2015 18 Dec'15

  Compliance costs expected to rise as EU GDPR advances

  News roundup: As EU's Global Data Protection Regulation advances, businesses anticipate higher penalties and compliance costs. Also, malware roundup.

• December 18, 2015 18 Dec'15

  CISA added to budget omnibus, with privacy protection stripped

  The Cybersecurity Information Sharing Act passed after being added to the emergency budget omnibus bill, but critics warned the privacy protections have been stripped out.

• December 15, 2015 15 Dec'15

  Old Microsoft Kerberos vulnerability gets new spotlight

  A new blog post detailed authentication vulnerabilities in Microsoft Kerberos that cannot be patched and could lead to attackers having free rein over systems.

• December 14, 2015 14 Dec'15

  Symantec asks browser makers to distrust one of its root certificates

  Symantec announced it will retire one of its root certificates because it was based on older security, and Google made sure users knew the risks.