Tuesday, December 30th, 2008
We have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, December 30th, 2008
This is a great howto from Didier Stevens about creating your own public key certificates using only OpenSSL.
Posted in Internet, Privacy, Security | 1 Comment
Tuesday, December 30th, 2008
With the help of about 200 Sony Playstations, an international team of security researchers have devised a way to undermine the algorithms used to protect secure Web sites and launch a nearly undetectable phishing attack.
To do this, they've exploited a bug in the digital certificates used by Web sites to ...
Posted in Internet, Privacy, Security | No Comments
Monday, December 29th, 2008
In his blog, Graham Cluley of Sophos alerts his readers to the return of Google Calendar phishing attacks. Originally spotted in the summer, Google Calendar phishing uses event invitations to Calendar users asking them to "Verify Your Account" or face account deletion. Victims of this phish are asked to accept ...
Posted in Internet, Privacy, Security | No Comments
Thursday, December 25th, 2008
New malware is spreading via Christmas and holiday greetings, security researchers said today, a tactic reminiscent of those used last season by the notorious Storm Trojan horse.
Researchers at the Bach Khoa Internetwork Security Center in Hanoi, Vietnam reported today that a new piece of malware, dubbed "XmasStorm" by the center, ...
Posted in Internet, Privacy, Security | No Comments
