Barney's Blog

Blog archive

Damaging Digital Certs

Digital certificates are supposed to protect our security. But hackers have somehow managed to create nine bogus certificates that could be used to violate the very core of your network.

Even though hackers hacked into certs from the Comodo Group, Microsoft was the one who first brought the issue to light this week.

Maybe that's because the certs can be used to breech the defenses of Windows Live and Google. For some reason, Google didn't raise any major alarms.

The hack was made possible because a major jerk somehow managed to get the password and user name of a Comodo worker. The source of the hack appears to be Iran but the hacker(s) could have been spoofing the IP address.

Thankfully, no attacks have been thus far reported. But if that changes, the exploits could include phishing and other nefarious deeds.

Browser providers Google, Mozilla and Microsoft have all sent out patches.

Posted by Doug Barney on 03/25/2011 at 1:18 PM


Featured

  • Microsoft Previews Windows Autopilot for HoloLens 2

    Microsoft on Friday announced a public preview of Windows Autopilot for HoloLens 2, its mixed-reality headset.

  • Microsoft Flirts with Charging for API Software Connections

    Microsoft may have started something new by attempting to charge its customers for software that uses its application programming interfaces (APIs).

  • Overcoming Spacesuit Anxiety During Astronaut Training

    Spacesuits are heavy, claustrophobic and hot -- an uncomfortable combination for many would-be astronauts. Here's how Brien came around to the idea of wearing one.

  • Microsoft Announces Azure Kubernetes Service Enhancements

    Microsoft this week announced a few Azure Kubernetes Service (AKS) product milestones as part of the KubeCon event.

comments powered by Disqus