News Briefs

Most Viewed  –  Last 30 Day  |  Last 12 Months  |  All Time

Security Researchers Find Serious Vulnerability in SSL

Sophie Curtis of eWeek reports: "Researchers have discovered a hole in the secure sockets layer (SSL) protocol, enabling man-in-the-middle attackers to hack into secure applications despite traffic encryption. According to security researcher Chris Paget, hackers can exploit this flaw by breaking into shared hosting environments, mail servers and databases, and inserting text into encrypted traffic as it passes between two end users. This could lead to fragmentation of SSL transactions, giving hackers the opportunity to inject false commands such as password resets into communications which are otherwise encrypted." more

UPDATEDResearchers Demonstrate How to Launch Undetectable Phishing Attacks

With the help of about 200 Sony Playstations, an international team of security researchers have devised a way to undermine the algorithms used to protect secure Web sites and launch a nearly undetectable phishing attack. To do this, they've exploited a bug in the digital certificates used by Web sites to prove that they are who they claim to be. By taking advantage of known flaws in the MD5 hashing algorithm used to create some of these certificates, the researchers were able to hack Verisign's RapidSSL.com certificate authority and create fake digital certificates for any Web site on the Internet. more

Libya Using a Different Internet Strategy than Egypt

In a Renesys blog post, James Cowie writes: "Why did Libya put its Internet in 'warm standby mode' instead of just taking it down, as Egypt did? Perhaps because they're learning from Mubarak's experience. Cutting off the Internet at the routing level (powering down the Internet exchange point, going after the remaining providers with secret police to enact a low-level shutdown) was a technically unsophisticated desperation move on Egypt's part." more

Popular Mechanics on Vulnerability of US Infrastructure to a Major Cyberattack

The next world war might not start with a bang, but with a blackout. An enemy could send a few lines of code to control computers at key power plants, causing equipment to overheat and melt down, plunging sectors of the U.S. and Canadian grid into darkness. Trains could roll to a stop on their tracks, while airport landing lights wink out and the few traffic lights that remain active blink at random. In the silence and darkness, citizens may panic, or they may just sit tight and wait for it all to reboot. Either way, much of the country would be blind and unresponsive to outside events. And that might be the enemy's objective: Divert America's attention while mounting an offensive against another country... more

FCC Makes Decision on 700 MHz Spectrum

The Federal Communications Commission voted to shake up the wireless market by approving a set of rules for the upcoming auction that would require the winner to make them accessible to any phone, other device or application. Regulators decided today that the winner of the valuable wireless airwaves the U.S. government plans to sell (by early next year) would have to permit consumers to connect using any device or software. more

Possible Final Vote on XXX Next Week

Online pornographers and religious groups are in a rare alliance as a key Internet oversight agency nears a decision on creating a virtual red-light district through a ".xxx" Internet address.

The Internet Corporation for Assigned Names and Numbers, which has already rejected similar proposals twice since 2000, planned to vote as early as next week on whether to approve the domain name for voluntary use by porn sites. more

FCC Launched Investigation Into Exclusive Handset Deals

Grant Gross of IDG News report: "The U.S. Federal Communications Commission will launch an investigation into exclusive handset deals between mobile carriers and handset makers, acting FCC Chairman Michael Copps said. Copps has instructed FCC staff to open an inquiry into exclusive handset deals, he said during a speech at the Pike and Fischer Broadband Summit Thursday." more

Google to Distrust Symantec-Issued Certificates Amid Misuse

In a post on a developers’ forum, software engineer on the Google Chrome team Ryan Sleevi has announced Google’s plan to start gradually distrust all existing Symantec-issued certificates. more

Justice Department: Internet Surveillance Program No Violation of Privacy

According to sources, the U.S. Justice Department has concluded that the surveillance program called Einstein 2 aimed at monitoring federal employees' Internet traffic activities does not violate their rights nor those of citizens who communicate with them. The Associated Press reports: "[T]he system addresses potential privacy concerns by warning employees when they log in that their communications may be monitored. Such warnings 'eliminate federal employees' legitimate expectations of privacy' on government computers, acting Assistant Attorney General David J. Barron wrote." more

Google.org Awards Grant to Internet Society to Advance Internet Exchange Points in Emerging Markets

The Internet Society today announced that it has been awarded a grant by Google.org to extend its Internet exchange point (IXP) activities in emerging markets. The grant will build on the Internet Society's previous efforts and will establish a methodology to assess IXPs, provide training for people to operate the IXPs, and build a more robust local Internet infrastructure in emerging markets. more

NASCAR Team Pays Ransomware Fee to Recover Its Critical Files

NASCAR team Circle Sport-Leavine Family Racing (CSLFR) disclosed today a ransomware infection incident that took place in April and nearly caused losing access to critical files worth about $2 million. more

US Supreme Court Rejects Online Child Protection Law

The U.S. Supreme Court today again refused to resurrect a federal law that required Web sites containing "material harmful to minors" to implement age-based access restrictions, presumably ending a 10-year fight over whether the law violated free-speech rights on the Internet. The court declined to hear an appeal that was filed by former President George W. Bush's administration, asking the justices to overturn a lower court's ruling against enforcement of the Child Online Protection Act of 1998. In July, the U.S. Court of Appeals for the Third Circuit struck down COPA for the third time, saying that the law was a vague and overly broad attack on free speech. more

U.S. Government Takes Steps Towards Increased Transparency for Vulnerabilities Equities Process

The White House has released a charter offering more transparency into the Vulnerabilities Equities Process. more

Chinese TV Footage Reveals Apparent Cyberattack on US Website

Reported in Guardian: "Footage that appears to feature army-labelled software raises questions about China's denials of involvement in hacking. China's state broadcaster has screened footage that apparently shows army-labelled software for attacking US-based websites, security experts have said. Beijing has consistently denied being behind cyber-attacks, insisting it plays no part in hacking and is itself a victim." more

FCC Aiming for 100 Million Households at 100 Megabits Per Second

The U.S. Federal Communications Commission unveiled a plan on Tuesday proposing minimum broadband speeds of 100Mbps. In his remarks, FCC's chief Julius Genachowski said: "To meet the imperatives of global competitiveness and enduring job creation, we must have broadband networks of such unsurpassed excellence that they will empower American entrepreneurs and innovators to build and expand businesses here in the United States. Our plan will set goals for the U.S. to have the world's largest market of very high-speed broadband users. A '100 Squared' initiative -- 100 million households at 100 megabits per second -- to unleash American ingenuity and ensure that businesses, large and small, are created here, move here, and stay here." more

Latest News

Recently Discussed

Most Discussed – Last 30 Days

Topics

IP Addressing

Sponsored byAvenue4 LLC

Mobile Internet

Sponsored byAfilias

DNS Security

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign