Google has discovered unauthorized digital certificates being used in a SSL man-in-the-middle attacks in Egypt. They tracked the certs to CNNIC and decided to remove the popular Chinese certificate authority from Chrome’s trust chain. Watch the video for more details.
(Episode Runtime: 2:37)
Direct YouTube Link: https://www.youtube.com/watch?v=hKUs-kLKa50
EPISODE REFERENCES:
- Blog post on unauthorized Google certificates and CNNIC involvement – Google
- Article about Google removing CNNIC CA from Chrome – The Verge
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply