Today we saw the discovery of another rogue SSL certificate – this time for *.google.com. The certificate itself was issued five weeks ago. This will allow an attacker to sniff the traffic to virtually all of Google’s services even with HTTPS enabled. Read Full Article
BlackHat USA 2011
“Men’s minds have difficulty adapting to things with which they have no experience.”
Almost 10,000 security pros, hackers and interested folks gathered at BlackHat USA this morning at Caesar’s Palace in Las Vegas. The morning began with a keynote talk from 28 year CIA counter-terrorism veteran, Ambassador Cofer Black, comparing the evolution of recent, past global conflict with the world of cyber security.
Read Full ArticleFrom Cocos Islands to Cameroon
The cybercrime business is really no different from other types of business such as pasta making or selling spare parts for cars. It has its own expenses and overheads. A hacker, just like any businessman, tries to save on attacks and keep their costs down. Read Full Article
Pepper Flash for Google Chromebooks — What’s Going On?
Yesterday, I blogged about the older version of Adobe Flash Player on my recently purchased Google Chromebook. On Tuesday, the day before, I’d sent out a note to Adobe’s PSIRT asking if they knew what was up with this earlier version. Read Full Article
Google+ fake invites = malware
Brazilian cybercriminals already started using Google+ theme to spread malware as a fake invitation Read Full Article
New Chromebook, Old Flash Player
This week my Samsung Chromebook finally arrived. My interest in this platform had been especially piqued after my colleague Costin Raiu’s excellent analysis following the Chromebook’s introduction. Read Full Article
Patch Tuesday June 2011
Patches are up! This month’s patch Tuesday is a sizable one by any standards. Microsoft is patching a total of 34 vulnerabilities in 16 bulletins. At least eight different product lines are updated. Adobe is coordinating release of Reader, Acrobat, Shockwave and Flash updates as well today. Read Full Article
Chromebook – A New Class of Risks
Thoughts on the security of the newly announced Chromebook with Google Chrome OS. Read Full Article
Blackhat SEO and Osama Bin Laden’s death
The bad guys were fast: Blackhat SEO campaign about Osama’s Bin Laden death spotted some minutes after the announcment. Read Full Article
Infiltrate 2011 and Offensive Security
Security researchers from around the world are digesting the weekend’s fare at Infiltrate2011, organized by security outfit Immunity. “No policy or high-level presentations, just hardcore thought-provoking technical meat” was promised, and presenters served it up sizzling. Read Full Article