A pharming attack has been detected targeting home routers distributed from Brazil’s largest telco, a rare instance of a web-based attack changing DNS settings in order to redirect traffic.
Browsing Author: Michael Mimoso
The EFF’s Decentralized SSL Observatory turned up 1,600 certificates that should have been rejected but instead passed browser checks because they were manipulated by Komodia’s SSL Digester interception module.
An automated attack targeting users of the open source Rejetto webserver and file-sharing application tried to inject the IptabLes DDoS tool.
Facebook released final numbers on 2014 submissions and payouts from its bug bounty program, showing continued growth in both areas.
Europol and several private technology companies announced the overnight takedown of the command and control infrastructure supporting the Ramnit botnet.
Advanced attacks against industrial control systems are intelligence gathering operations in order to learn the inner workings of ICS infrastructure to facilitate sabotage.
Another shady piece of adware called PrivDog has been unearthed with a similar Superfish-type vulnerability that breaks SSL connections.
Komodia.com, home of the SSL module at the heart of the Superfish scandal, is offline because of a DDoS attack.
Researcher Rob Graham has cracked the certificate password for Superfish adware pre-installed on Lenovo laptops.
The organizers of the TrueCrypt audit expect the cryptanalysis of the open source encryption software to begin shortly; phase two will be handled by NCC Group’s Cryptography Services practice.