Thursday, August 7th, 2008
A newly discovered flaw in the Internet's core infrastructure not only permits hackers to force people to visit Web sites they didn't want to, it also allows them to intercept e-mail messages, the researcher who discovered the bug said Wednesday.Considering the silent nature of the attack and the sensitive nature ...
Posted in Internet, Networking, Privacy, Security | No Comments
Thursday, August 7th, 2008
Perhaps more than any other flaw in the last several years, the DNS protocol vulnerability discovered by security researcher Dan Kaminsky has shown that the circle of trust on the Internet can be broken more easily than we feared.After listening to Kaminsky’s talk Aug. 6 at the Black Hat conference ...
Posted in Internet, Networking, Privacy, Security | No Comments
Wednesday, August 6th, 2008
In my recent Editors' Notes post on Consumer Reports' recommendation that Mac users dump Safari because the Apple browser lacks the anti-phishing tools of Firefox and Opera, I focused on behavioral changes one can make that minimize the risks of phishing attempts. I didn't, however, discuss a relatively simple configuration ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, July 30th, 2008
Ok, we have a confirmed instance where the DNS cache poisoning vulnerability was used to compromise a DNS server belonging to AT&T. This PCWorld article covers the incident. The original article makes it sound as though the Metasploit site was 'owned' by this incident when really the issue was ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, July 29th, 2008
An Argentinian security researcher has published a security exploit toolkit targeting the update mechanisms of Java, Mac OS X, OpenOffice.org and other software, and relying on man-in-the-middle techniques such as those made possible by the recently disclosed DNS security hole.
The toolkit, ISR-Evilgrade 1.0, was released by Francisco Amato, a researcher ...
Posted in Internet, Networking, Privacy, Security, Software | No Comments