News

• Symantec: 'VeriSign Trusted' mark out, 'Norton Secured' in

  Symantec is phasing in a new trust mark to ensure Web users that the sites they are visiting are safe. Symantec has been replacing "VeriSign Trusted" with "Norton Secured, powered by VeriSign."

• Stolen encryption key the source of compromised certificate problem, Symantec says

  When Kaspersky Lab last week spotted code-signed Trojan malware dubbed Mediyes that had been signed with a digital certificate owned by Swiss firm Conpavi AG and issued by Symantec, it touched off a hunt to determine the source of the problem.

• Kaspersky Lab spots malware signed with stolen digital certificate

  Security firm Kaspersky Lab Thursday said it's identified a malicious program that appears to make use of a compromised Symantec VeriSign digital certificate issued to Conpavi AG, which is known to work with Swiss government agencies. Kaspersky says it has asked Symantec VeriSign to revoke the compromised certificates.

• Digitally signed malware is increasingly prevalent, researchers say

  Security companies have recently identified multiple malware threats that use stolen digital certificates to sign their components in an attempt to avoid detection and bypass Windows defenses.

• Qualys CEO: We're ready to take the company public

  Qualys, the Redwood Shores, Calif.-based security firm specializing in vulnerability assessment and management, is poised for an initial public offering (IPO) later this year.

• FAQ about the VeriSign data breaches

  A VeriSign filing with the Securities and Exchange Commission reveals that the company suffered more than one data breach in 2010, raising questions about how secure the company's products are and what customers should do about it.

• VeriSign admits multiple hacks in 2010, keeps details under wraps

  VeriSign, the company responsible for guiding most of the world's Internet users to the correct websites and once the largest encryption certificate issuing authority, has acknowledged that it was successfully hacked several times in 2010.

• Security: Will 2012 be the dawn of DNSSEC?

  Will 2012 be the year when US retailers, banks and content providers finally bolster their DNS systems with an add-on security measure that prevents Web site spoofing? That's what advocates of the security measure - dubbed DNSSEC for DNS Security Extensions - are hoping will occur.

• Microsoft's botnet take-down helps protect Mac users

  Mac users can thank Microsoft for taking down a small but dangerous botnet.

• Cyberattacks can justify armed response, Pentagon says

  The U.S. military is prepared to use physical attacks in response to cyberattacks, the U.S. Department of Defense said Tuesday.

• Verisign expands cloud-based DDoS protection

  Citing a rise in the number and scope of distributed denial of service (DDoS) attacks across the Internet, Verisign is expanding its cloud-based DDoS protection service to cover small and midsize businesses that are increasingly frequent targets.

• Dot-com domains still lack DNSSEC security

  It's been over two weeks since the DNS Security Extensions (DNSSEC) system was turned on for .com domain names. This is an end stage for a process that will one day let surfers be 100 percent confident they're accessing the site they think they are, and have not been diverted by hackers.

• Tighter security available to .com sites, only with upgrades

  VeriSign has added an extra layer of security to the Internet's .com domain, but e-retailers, banks and other Web site operators will need to upgrade their DNS hardware, software or services to take advantage of .com's new cryptographic features.

• As IPv4 disappears, transition poses hazards

  With the last IPv4 addresses about to be allocated, the good news is that IT managers -- at least in the U.S. and Europe -- don't suddenly have to get the next Internet Protocol working.

• VeriSign: We will keep our lead in IPv6

  VeriSign, the back-end operator of the Internet's.com and .net domains, says it has a head start on transition to the next-generation Internet Protocol known as IPv6 and that it intends to keep its lead over competitors.