Google takes web security seriously. When the Google Chrome web browser encounters a payment site without Secure Socket Layer (SSL)/Transport Layer Security (TLS) encryption, it marks as insecure. Soon, Chrome will mark any HTTP site as insecure. That’s great, but just because a site is tagged ‘secure’ doesn’t mean it’s safe. WordFence, a well-regarded WordPress security company, has found that SSL certificates are being issued by certificate authorities (CA) to phishing sites pretending to be other sites. Because the certificates are valid, even though they’re operating under false premises, Chrome reports these sites as being secure. They’re not.
ORIGINAL SOURCE: ZDNet
The post Chrome Browser’s ‘Secure’ isn’t The Same Thing as ‘Safe’ appeared first on IT SECURITY GURU.
from Chrome Browser’s ‘Secure’ isn’t The Same Thing as ‘Safe’