Barney's Blog

Blog archive

Damaging Digital Certs

Digital certificates are supposed to protect our security. But hackers have somehow managed to create nine bogus certificates that could be used to violate the very core of your network.

Even though hackers hacked into certs from the Comodo Group, Microsoft was the one who first brought the issue to light this week.

Maybe that's because the certs can be used to breech the defenses of Windows Live and Google. For some reason, Google didn't raise any major alarms.

The hack was made possible because a major jerk somehow managed to get the password and user name of a Comodo worker. The source of the hack appears to be Iran but the hacker(s) could have been spoofing the IP address.

Thankfully, no attacks have been thus far reported. But if that changes, the exploits could include phishing and other nefarious deeds.

Browser providers Google, Mozilla and Microsoft have all sent out patches.

Posted by Doug Barney on 03/25/2011 at 1:18 PM


Featured

  • Windows Admin Center vs. Hyper-V Manager: What's Better for Managing VMs?

    Microsoft's preferred interface for Windows Server is Windows Admin Center, but can it really replace Hyper-V Manager for managing virtual machines? Brien compares the two management tools.

  • Microsoft Offers More Help on Windows Server 2008 Upgrades

    Microsoft this week published additional help resources for organizations stuck on Windows Server 2008, which fell out of support on Jan. 14.

  • Microsoft Ups Its Carbon Reduction Goals

    Microsoft on Thursday announced a corporatewide carbon reduction effort that aims to make the company "carbon negative" by 2030.

  • How To Dynamically Lock Down an Unattended Windows 10 PC

    One of the biggest security risks in any organization happens when a user walks away from their PC without logging out. Microsoft has the solution (and it's not a password-protected screensaver).

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.