Tuesday , July 1 2025
entrust

Google Blocking Entrust Certificates in Chrome in November 2024

infosecbulletin Saturday , June 29 2024 International

Starting November 1, 2024, Google will block websites that use certificates from Entrust. Google made this decision because Entrust has not been able to handle security issues promptly and has not complied with their requirements.

“Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust that fall short of the above expectations, and has eroded confidence in their competence, reliability, and integrity as a publicly-trusted [certificate authority] owner,” Google’s Chrome security team said.

First couple “Rosie” to conceive using AI tech “STAR” successfully

By infosecbulletin / Sunday , June 29 2025
Doctors at Columbia University Fertility Center have reported what they are calling the first pregnancy using a new AI system,...
Read More
First couple “Rosie” to conceive using AI tech “STAR” successfully

Scattered Spider Actively Attacking Aviation and Transportation: FBI

By infosecbulletin / Saturday , June 28 2025
Cybersecurity experts and federal authorities are warning that the Scattered Spider hackers are now targeting aviation and transportation, indicating a...
Read More
Scattered Spider Actively Attacking Aviation and Transportation: FBI

Russia’s restrictions on Cloudflare making websites inaccessible

By F2 / Saturday , June 28 2025
Since June 9, 2025, Russian users connecting to Cloudflare services have faced throttling by ISPs. As the throttling is being...
Read More
Russia’s restrictions on Cloudflare making websites inaccessible

61 million Verizon records allegedly posted online for sale

By infosecbulletin / Saturday , June 28 2025
A new report from SafetyDetectives reveals that hackers posted a massive 3.1GB dataset online, containing about 61 million records reportedly...
Read More
61 million Verizon records allegedly posted online for sale

Cyber Expert ‘Rene Joshilda’ Arrested for Bomb Hoaxes

By infosecbulletin / Friday , June 27 2025
A 30-year-old robotics engineer from Chennai set off alarm bells in 11 states by allegedly sending hoax bomb threats. She...
Read More
Cyber Expert ‘Rene Joshilda’ Arrested for Bomb Hoaxes

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow to Gain Root Access

By infosecbulletin / Friday , June 27 2025
Cisco has issued updates to fix two critical security vulnerabilities in Identity Services Engine (ISE) and ISE Passive Identity Connector...
Read More
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow to Gain Root Access

CISA Warns of FortiOS Hard-Coded Credentials Vulns

By F2 / Thursday , June 26 2025
CISA warns about a serious vulnerability in Fortinet FortiOS that threatens network security. CISA included CVE-2019-6693 in its Known Exploited...
Read More
CISA Warns of FortiOS Hard-Coded Credentials Vulns

5 vendors’ printer totaling 748 models affected: Rapid7

By F2 / Thursday , June 26 2025
Rapid7 has revealed serious vulnerabilities in multifunction printers (MFPs) from Brother, FUJIFILM, Ricoh, and Toshiba Tec Corporation. These findings, covering...
Read More
5 vendors’ printer totaling 748 models affected: Rapid7

Citrix Released Emergency Patches for Actively Exploited CVE-2025-6543

By infosecbulletin / Wednesday , June 25 2025
Citrix has issued security updates for a critical vulnerability in NetScaler ADC that has been actively exploited. The vulnerability CVE-2025-6543...
Read More
Citrix Released Emergency Patches for Actively Exploited CVE-2025-6543

SonicWall warns of a trojanized NetExtender stealing VPN logins

By F2 / Wednesday , June 25 2025
SonicWall warned on Monday that unknown attackers have trojanized its SSL-VPN NetExtender application, tricking users into downloading it from fake...
Read More
SonicWall warns of a trojanized NetExtender stealing VPN logins

The tech giant announced that it will no longer trust TLS server authentication certificates from Entrust in Chrome browser versions 127 and higher by default. However, Chrome users and enterprise customers can override these settings if they want to.
Google stated that certificate authorities have an important role in ensuring secure connections between browsers and websites. They also criticized Entrust for not providing incident reports and failing to meet improvement commitments, which puts the internet at risk.

Blocking will occur on Windows, macOS, ChromeOS, Android, and Linux. However, Chrome for iOS and iPadOSThe blocking action will affect Windows, macOS, ChromeOS, Android, and Linux versions of the browser. However, Chrome for iOS and iPadOS will not be affected because of Apple’s policies that prevent the use of the Chrome Root Store.

Users visiting a website with a certificate from Entrust or AffirmTrust will see a warning message about their connection not being secure or private.

Website operators need to switch to a trusted certificate authority by October 31, 2024 to avoid problems. Entrust’s website says that their solutions are trusted by big companies like Microsoft, Mastercard, VISA, and VMware.

“While website operators could delay the impact of blocking action by choosing to collect and install a new TLS certificate issued from Entrust before Chrome’s blocking action begins on November 1, 2024, website operators will inevitably need to collect and install a new TLS certificate from one of the many other CAs included in the Chrome Root Store,” Google said.

Check Also

Paraguay 7.4 Million Citizen Records Leaked on Dark Web

Resecurity found 7.4 million records of Paraguayan citizens’ personal information leaked on the dark web …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin