The end of DNS-Changer

FBI’s “Operation Ghost Click” was discussed earlier by my colleague Kurt [Link: http://www.securelist.com/en/blog/208193404/DNSChanger_Cleaning_Up_4_Million_Infected_Hosts] and [Link: http://www.securelist.com/en/blog/208193491/Update_to_DNSChanger_Cleaning_Up_4_Million_Infected_Hosts] and now it comes to an end. Next Monday, 9th of July, at 06:00 (MEZ) the temporary DNS-servers setup by FBI will be shut down. But still there are still thousands of infected machines – one can wonder, what will happen to them? Read Full Article

What has happened to DNS Security?

Have we forgotten about DNS secutity? In a time of hacktivism and targetted attacks being on the raise this is something that we cannot afford forgetting. During my research i noticed that alot of DNS servers are running a weak configuration allowing an remote attacker to gain valuable information. Read Full Article

A Web of (Mis)Trust?

At our international press tour held in Moscow in early February, we spoke about the dissolution of trust on the internet and discussed the possibility of Certificate Authority subversion and the impact of abused digital certificates.

This unfortunate moment is arriving sooner than we wanted. This past week, another concrete example of the very foundation of trust on the web was shaken with the final coordination of an effort between a compromised Certificate Authority and web browser providers. Read Full Article