man in the middle attack

(get it in RSS or Atom)

Hundreds of Dark Web sites cloned and "booby trapped"


Juha Nurmi, founder of the Ahmia search project, first noticed a fake version of his own site before discovering that there are multiple clones of hundreds of other Dark Web sites. The sites could be used for surveillance or for conducting man-in-the-middle attacks and include a clone of the popular DuckDuckGo search engine.

Gogo forges YouTube SSL certificate to throttle high-bandwith usage on flights

Plane. Image courtesy of Shutterstock.

It swears it's not intercepting user data, but issuing a fake HTTPS certificate sure doesn't make us feel warm and fuzzy.

Turkish Certificate Authority screwup leads to attempted Google impersonation


Another Certificate Authority has been caught out having issued certificates that were being used to impersonate Google. Does the SSL padlock not mean we are safe anymore?

A picked pocket in Mallorca reveals chink in chip-and-PIN security

A picked pocket in Mallorca reveals widespread hole in chip-and-PIN security

Researchers at Cambridge University are warning that a issue common to ATMs and point-of-sale terminals could enable attackers to clone secure EMV Chip and PIN cards.