Tuesday, December 30th, 2008
We have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, December 30th, 2008
This is a great howto from Didier Stevens about creating your own public key certificates using only OpenSSL.
Posted in Internet, Privacy, Security | 1 Comment
Tuesday, December 30th, 2008
With the help of about 200 Sony Playstations, an international team of security researchers have devised a way to undermine the algorithms used to protect secure Web sites and launch a nearly undetectable phishing attack.
To do this, they've exploited a bug in the digital certificates used by Web sites to ...
Posted in Internet, Privacy, Security | No Comments
Monday, December 29th, 2008
The FBI today challenged anyone in the online community to break a cipher code on its site. The code was created by FBI cryptanalysts. The bureau invited hackers to a similar code-cracking challenge last year and got tens of thousands of responses it said.
A number of sites host such cipher ...
Posted in Coding, Internet, Security | No Comments
Monday, December 29th, 2008
In his blog, Graham Cluley of Sophos alerts his readers to the return of Google Calendar phishing attacks. Originally spotted in the summer, Google Calendar phishing uses event invitations to Calendar users asking them to "Verify Your Account" or face account deletion. Victims of this phish are asked to accept ...
Posted in Internet, Privacy, Security | No Comments
