[net-gold] COMPUTER HACKING AND HACKERS : EMAIL : BUSINESS: CORPORATIONS: NAMED CORPORATIONS: GOOGLE: Hackers Acquire Google Certificate, Could Hijack Gmail Accounts
- From: "David P. Dillard" <jwne@xxxxxxxxxx>
- To: Net-Gold -- Educator Gold <Educator-Gold@xxxxxxxxxxxxxxx>, Educator Gold <Educator-Gold@xxxxxxxxxxxxxxxx>, net-gold@xxxxxxxxxxxxx, Net-Gold <Net-Gold@xxxxxxxxxxxxxxx>, NetGold <netgold@xxxxxxxxxxxxxxx>, Net-Gold <net-gold@xxxxxxxxxxxxxxxx>, K-12ADMINLIFE <K12ADMIN@xxxxxxxxxxxxxxxxxxx>, K12AdminLIFE <K12AdminLIFE@xxxxxxxxxxxxxxx>, MediaMentor <mediamentor@xxxxxxxxxxxxxxx>, Digital Divide Diversity MLS <mls-digitaldivide@xxxxxxxxxxxxxxx>, NetGold <netgold@xxxxxxxxxxxxxxxx>, Net-Platinum <net-platinum@xxxxxxxxxxxxxxx>, Sean Grigsby <myarchives1@xxxxxxxxxxxxxxx>, Net-Gold <NetGold_general@xxxxxxxxxxxxxxxxx>, Temple Gold Discussion Group <TEMPLE-GOLD@xxxxxxxxxxxxxxxxxxx>, Temple University Net-Gold Archive <net-gold@xxxxxxxxxxxxxxxxxxx>, Health Lists -- Health Diet Fitness Recreation Sports Tourism <healthrecsport@xxxxxxxxxxxxxxxx>, Health Diet Fitness Recreation Sports <healthrecsport@xxxxxxxxxxxxxxx>, HEALTH-RECREATION-SPORTS-TOURISM@xxxxxxxxxxxxxxxxxxx
- Date: Tue, 30 Aug 2011 01:39:49 -0400 (EDT)
.
.
COMPUTER HACKING AND HACKERS :
EMAIL :
BUSINESS: CORPORATIONS: NAMED CORPORATIONS: GOOGLE:
Hackers Acquire Google Certificate, Could Hijack Gmail Accounts
.
.
Hackers Acquire Google Certificate, Could Hijack Gmail Accounts
Repeat of Comodo affair last March; foreign government may be behind
theft, says researcher
By Gregg Keizer
August 29, 2011 05:26 PM ET
Computer World
http://www.computerworld.com/s/article/9219569/
Hackers_acquire_Google_certificate_could_hijack_Gmail_accounts
.
A shorter URL for the above link:
.
http://tinyurl.com/3e77s44
.
.
Computerworld - Hackers have obtained a digital certificate good for any
Google website from a Dutch certificate provider, a security researcher
said today.
.
Criminals could use the certificate to conduct "man-in-the-middle" attacks
targeting users of Gmail, Google's search engine or any other service
operated by the Mountain View, Calif. company.
.
"This is a wildcard for any of the Google domains," said Roel
Schouwenberg, senior malware researcher with Kaspersky Lab, in an email
interview Monday.
.
"[Attackers] could poison DNS, present their site with the fake cert and
bingo, they have the user's credentials," said Andrew Storms, director of
security operations at nCircle Security.
.
Man-in-the-middle attacks could also be launched via spam messages with
links leading to a site posing as, say, the real Gmail. If recipients
surfed to that link, their account login username and password could be
hijacked.
.
Details of the certificate were posted on Pastebin.com last Saturday.
Pastebin.com is a public site where developers -- including hackers --
often post source code samples.
.
According to Schouwenberg, the SSL (secure socket layer) certificate is
valid, and was issued by DigiNotar, a Dutch certificate authority, or CA.
DigiNotar was acquired earlier this year by Chicago-based Vasco, which
bills itself on its site as "a world leader in strong authentication."
.
snip
.
Because the certificate is valid, a browser would not display a warning
message if its user went to a website signed with the certificate.
.
.
The complete article may be read at the URL above.
.
.
Sincerely,
David Dillard
Temple University
(215) 204 - 4584
jwne@xxxxxxxxxx
http://daviddillard.businesscard2.com
Net-Gold
http://groups.yahoo.com/group/net-gold
http://listserv.temple.edu/archives/net-gold.html
Index: http://tinyurl.com/myxb4w
http://groups.google.com/group/net-gold?hl=en
General Internet & Print Resources
http://guides.temple.edu/general-internet
COUNTRIES
http://guides.temple.edu/general-country-info
EMPLOYMENT
http://guides.temple.edu/EMPLOYMENT
TOURISM
http://guides.temple.edu/tourism
DISABILITIES
http://guides.temple.edu/DISABILITIES
INDOOR GARDENING
http://tech.groups.yahoo.com/group/IndoorGardeningUrban/
Educator-Gold
http://groups.yahoo.com/group/Educator-Gold/
K12ADMINLIFE
http://groups.yahoo.com/group/K12AdminLIFE/
The Russell Conwell Learning Center Research Guide:
THE COLLEGE LEARNING CENTER
http://tinyurl.com/yae7w79
Nina Dillard's Photographs on Net-Gold
http://tinyurl.com/36qd2o
and also http://gallery.me.com/neemers1
http://www.flickr.com/photos/neemers/
Twitter: davidpdillard
Bushell, R. & Sheldon, P. (eds),
Wellness and Tourism: Mind, Body, Spirit,
Place, New York: Cognizant Communication Books.
Wellness Tourism: Bibliographic and Webliographic Essay
David P. Dillard
http://tinyurl.com/p63whl
http://tinyurl.com/ou53aw
INDOOR GARDENING
Improve Your Chances for Indoor Gardening Success
http://tech.groups.yahoo.com/group/IndoorGardeningUrban/
http://groups.google.com/group/indoor-gardening-and-urban-gardening
SPORT-MED
https://www.jiscmail.ac.uk/lists/sport-med.html
http://groups.google.com/group/sport-med
http://groups.yahoo.com/group/sports-med/
http://listserv.temple.edu/archives/sport-med.html
HEALTH DIET FITNESS RECREATION SPORTS TOURISM
http://health.groups.yahoo.com/group/healthrecsport/
http://groups.google.com/group/healthrecsport
http://healthrecsport.jiglu.com/
http://listserv.temple.edu/archives/health-recreation-sports-tourism.html
.
.
Please Ignore All Links to JIGLU
in search results for Net-Gold and related lists.
The Net-Gold relationship with JIGLU has
been terminated by JIGLU and these are dead links.
http://groups.yahoo.com/group/Net-Gold/message/30664
http://health.groups.yahoo.com/group/healthrecsport/message/145
.
.
Other related posts:
- » [net-gold] COMPUTER HACKING AND HACKERS : EMAIL : BUSINESS: CORPORATIONS: NAMED CORPORATIONS: GOOGLE: Hackers Acquire Google Certificate, Could Hijack Gmail Accounts - David P. Dillard
