- EFF questions US government's software flaw disclosure policy
- Security Watch: FireEye appoints first ever Asia Pac president
- Arbor-Cisco deal enlists service providers in the fight to push DDoS defences away from customer networks
- Microsoft’s rolls out ‘free’ iOS, Android MDM with Office 365 business plans
- Optus undertakes extensive security review as sanction for “significant” privacy breaches
pki - News, Features, and Slideshows
Microsoft has blacklisted a subordinate CA certificate that was wrongfully used to issue SSL certificates for several Google websites. The action will prevent those certificates from being used in Google website spoofing attacks against Internet Explorer users.
After a security enthusiast discovered a loophole that allowed him to register a valid SSL certificate for Microsoft's live.fi domain, he tried to responsibly disclose the issue. But instead of thanks he got locked out of his email, phone, Xbox and online storage accounts.
Microsoft released an update to blacklist an SSL certificate for one of its domain names that was issued to an unauthorized third party.
New cases of insecure HTTPS traffic interception are coming to light as researchers probe software programs for implementations that could enable malicious attacks. The latest software to open a man-in-the-middle hole on users' PCs is a new version of PrivDog, an advertising product with ties to security vendor Comodo.
On Thursday security researchers warned that an adware program called Superfish, which was preloaded on some Lenovo consumer laptops, opened computers to attack. However, it seems that the same poorly designed and flawed traffic interception mechanism used by Superfish is also used in other software programs.
- inTechnology launches Cloud Distribution business
- SDN Q and A: Telstra executive director solution sales, Brendan Donohoe
- Digistore Solutions inks partner agreement with Computergate
- Telstra adds IBM's SoftLayer to Cloud war chest
- Microsoft activates Office 365 and Dynamics CRM Online on local datacentres