Secure DNS server launched

Thursday, December 17th, 2009

Secure64, which specializes in products designed to support the domain name system (DNS), has released the product to help prevent a condition in which the server's local list of domain name mappings is corrupted. Attackers create this condition by pretending to be another DNS server responding to a DNS query. One ...

Bit.ly boosts malware protection

Tuesday, December 1st, 2009

For the security-conscious, those shortened URLs on Twitter can be unnerving. After all, where is that shortened URL really taking you? This summer, security vendors documented how spammers and phishers were exploiting URL shortening services to try to trick users into visiting sketchy sites. On Monday, one URL shortening service ...

SSL trick certificate published

Wednesday, September 30th, 2009

On the Noisebridge hacker mailing list, security specialist Jacob Appelbaum has published an SSL certificate and pertinent private key that together allow web servers to avoid triggering an alert in vulnerable browsers - irrespective of the domain for which the certificate is submitted. Phishers, for example, could use the certificate ...

Security Tightened for .org Domain

Tuesday, June 2nd, 2009

The Public Interest Registry will announce today that it has begun cryptographically signing the .org top-level domain using DNS security extensions known as DNSSEC. DNSSEC is an emerging standard that prevents spoofing attacks by letting Web sites verify their domain names and corresponding IP addresses using digital signatures and public-key encryption. DNSSEC ...

Mass Injection Attack Affects 40,000 Websites

Tuesday, June 2nd, 2009

Researchers at Websense have discovered a mass injection attack that is redirecting Web browsers to a malware-bearing site. According to a weekend report by researchers at Websense, thousands of legitimate Web sites have been discovered to be injected with malicious Javascript, obfuscated code that leads to an active exploit site. "The active ...