They’re called “servers that lie.”
Mendacious machines controlled by hackers that reroute Internet traffic from infected computers to fraudulent Web sites are increasingly being used to launch attacks, according to a paper published this week by researchers with the Georgia Institute of Technology and Google Inc.
The paper estimates roughly 68,000 servers on the Internet are returning malicious Domain Name System results, which means people with compromised computers are sometimes being directed to the wrong Web sites — and often have no idea.
The peer-reviewed paper, which offers one of the broadest measurements yet of the number of rogue DNS servers, was presented at the Internet Society’s Network and Distributed System Security Symposium in San Diego.
Read the rest of this entry »
February 15th, 2008 | Posted in EV SSL, SSL Industry News, Security | No Comments
To fight cybercrime on the Web, security experts have tried “good cop” tactics. They’ve worked to teach users to spot and avoid the “phishing” sites that spread malicious software and steal bank codes. They’ve tried tweaking Web browsers and search engines to make scam sites more apparent. But as the dark side of the Web continues to grow and evolve, they’re considering a harsher strategy: wiping crime sites off the Web altogether.
The Anti-Phishing Working Group (APWG), a consortium of cybersecurity firms and Web businesses, is pushing a new initiative to streamline the process of permanently deleting fraud sites from the Web. Working with the registries that control and distribute domain names, the APWG is crafting a system that would accredit security organizations to act as the Web’s watchdogs, identifying phishing sites. The flagged sites are then pulled from registries and so banished from the Internet, sometimes in just minutes.
But despite its good intentions, the APWG’s proposed crackdown is drawing controversy. Although the group had hoped to propose its initiative to the Internet’s administrative body, the International Corporation for Assigned Names and Numbers, which is meeting this week in India, some of the Web’s biggest players are nervous about what they see as a drastic measure. Shortening the time it takes to pull the plug on a site, some worry, could lead to innocent victims.
Read the rest here …
February 14th, 2008 | Posted in EV SSL, Phishing, SSL Industry News, Security | No Comments
For aspiring novelists, screenwriters and even Ph.D. candidates, sending their life’s work to an online editing and proofreading service requires trust — and lots of it. That’s why thousands of authors, business people and students turn to Scribendi Inc., a Canadian provider of 24×7 editing services that has fortified its online presence with advanced security and validation solutions from VeriSign, Inc., the leading provider of Internet infrastructure for the networked world.
Recently, Scribendi deployed VeriSign Extended Validation (EV) Secure Sockets Layer (SSL) Certificates. With VeriSign EV SSL protection, Scribendi is further building trust and confidence among its customers by offering them instantly recognizable assurance that they have reached the genuine Scribendi site. With fraudulent Web sites rapidly emerging as a favorite tool of identity thieves, assurances like this one help establish lasting relationships with online customers.
Read more here …
February 14th, 2008 | Posted in EV SSL, SSL Certificate Authorities, SSL Industry News, VeriSign | No Comments
IT security solutions provider Comodo announced on Wednesday that universities are looking to deploy a best practices approach for protecting student information and securing their online activities. Solutions that universities are planning to adopt include Comodo’s anti-phishing SSL certificates, vulnerability management services and Comodo Two Factor for authenticated login and content verification certificates.
In the past three months, over 12 universities have selected Comodo to deliver a combination of solutions to meet a diverse set of needs, says the company. Some of these educational institutions include University of Connecticut, California University of Pennsylvania, DePaul University, SUNY, Ohio State, Yale, University of Chicago and Metropolitan College of NY.
Read more here …
February 14th, 2008 | Posted in Comodo, EV SSL, SSL Certificate Authorities, SSL Industry News | No Comments
Juniper Networks, Inc., the leader in high-performance networking, today announced that the Toronto Catholic District School Board (TCDSB) has selected its best-in-class, secure remote access solution to provide teachers and school administrators fast, reliable and secure access to a Web-based report card system from remote locations. By deploying the Juniper Networks Secure Access (SA) SSL VPN 6000 appliance, the school board was able to increase operational efficiencies without compromise to application or network performance.
Until recently, teachers accessed report cards through an application running on an internal server. With a finite number of school-based PCs, 5,500 teachers and nearly 400 school administrators accessing the system, the school board determined it needed to build a high-performance Web-based report card application that would provide teachers with secure remote access and the freedom to fill out report cards for more than 90,000 students at their convenience.
Read the rest of this entry »
February 14th, 2008 | Posted in SSL Industry News, VPN | No Comments