Tag: tls

1 in 500 secure connections use forged certificate

For reasons ranging from relatively good, to actual malware. Researchers from Facebook and Carnegie Mellon University have published a paper ( PDF ) in which they show that out of a sample of over 3 million secure connections to Facebook , 0.2% used a forged SSL certificate. SSL and its successor TLS are encryption protocols…

May 13, 2014
OpenSSL vulnerability lets attackers quietly steal servers’ private keys

Security firm advises regenerating keys and replacing certificates on vulnerable servers. A very serious vulnerability in OpenSSL has caused panic among network administrators: CVE-2014-0160 allows an attacker to read the memory of a vulnerable server and thus obtain private encryption keys, passwords and other kinds of sensitive information. OpenSSL is a widely used open-source implementation…

April 7, 2014
41% of spam sent via Rustock botnet

Botnet spam back after short summer break. In its latest intelligence report, security firm MessageLabs reports that 41% of all spam is being sent through the Rustock botnet, an increase of 9% since April. The botnet sends an estimated 32 million spam emails per minute. Interestingly, the number of bots controlled by Rustock’s botherders has…

August 26, 2010