Mike Mimoso and Dennis Fisher discuss the news of the last week, including the Superfish fiasco, the Gemalto SIM hack controversy and the continuing NSA drama.
Browsing Category: Cryptography
The EFF’s Decentralized SSL Observatory turned up 1,600 certificates that should have been rejected but instead passed browser checks because they were manipulated by Komodia’s SSL Digester interception module.
On May 30, 2014, law enforcement officials from the FBI and Europol seized a series of servers that were being used to help operate the GameOver Zeus botnet, an especially pernicious and troublesome piece of malware. The authorities also began an international manhunt for a Russian man they said was connected to operating the botnet,[…]
Despite leaked documents from the NSA showing otherwise, officials at Gemalto on Wednesday said the company has found no evidence that its SIM card infrastructure was compromised several years ago by the NSA and GCHQ. The company identified a handful of what it called sophisticated attacks in the timeframe in questions, but said none of[…]
CloudFlare has deployed a new level of encryption on its service that hardens and speeds up users’ experience, especially when accessing domains via mobile browsers.
Gemalto officials say that while they are still in the process of investigating whether the company was compromised by the NSA and GCHQ to access the encryption keys for its SIM cards, they say they believe their products and platforms are secure. In a statement issued Monday, Gemalto officials said they are still trying to[…]
Another shady piece of adware called PrivDog has been unearthed with a similar Superfish-type vulnerability that breaks SSL connections.
NSA director Mike Rogers spoke about creating legal frameworks for crypto-subversion and law enforcement intelligence gathering at Cybersecurity for a New America.
Komodia.com, home of the SSL module at the heart of the Superfish scandal, is offline because of a DDoS attack.
Security experts are still trying to assess the effects of the reported attack on SIM card manufacturer that resulted in the theft of millions of encryption keys for mobile phones around the world, but it’s safe to say that the operation has caused reverberations throughout the industry and governments in several countries. The attack, reported[…]