The newest post
published on
2012-01-01 23:15
by Maciej Duda
My favourite IT security events in 2011
Here is my subjective list of the most interesting events. I hope that the lessons we learned in 2011 will bring higher security awareness and result in fewer problems in 2012. Stay safe, everyone, and remember to always be a little bit more paranoid.
CA certificates takeover
SSL certificates became the main target for attacks on the Internet. There were MITM attacks [1] and weaknesses in software responsible for certificate verification [2], but the most stunning was the theft of the CA from DigiNotar, which resulted in compromising the whole tree of official certificates, including Google Mail, Mozilla, Yahoo and WordPress. For a couple of days the Internet froze because there was no guarantee that an SSL certificate was valid and safe. DigiNotar announced bankruptcy in September 2011.
LulzSec mayhem
As Sony Pictures Entertainment became the main target of attacks, with over 20 hacks in two months, LulzSec's popularity grew every day. Their statement - cause mayhem no matter what - brought controversial opinions. People were cheering them on to attack (mostly with the DDoS method) more challenging targets, including the FBI and CIA, but when LulzSec began to target geek-related environments like EVE, LoL or Minecraft, their popularity wasn't as strong as before. They also made enemies of other hacking groups, and a small civil war was inevitable. The story of LulzSec ends after 50 days of intensive activity. There are suspicions that other hackers compromised LulzSec members' identities and forced them to suspend their activity.
HBGary Federal incident
That's one nice piece of story, which deserves a movie adaptation. A security audit company hired by the US government for consulting and infiltration of big hacking groups such as Wikileaks and Anonymous became a victim of its own techniques and incompetence. HBGary was hacked by Anonymous, compromising confidential emails, which revealed unprofessional methods practiced by the company.
RSA SecurID tokens fiasco
RSA used to have a strong reputation before this incident, but the way they handled it, by misinforming users about the current situation, resulted in a permanent loss of market position by this company. The attack, presented as "extremely sophisticated", was as a matter of fact an easy-to-stop PDF/Excel macro, which was executed by a low-priority employee.
References
[1] https://seventhoctober.net/2011/08/ssl-mitm-with-an-inserted-ca-and-a-dns-hijack/
[2] http://blog.spiderlabs.com/2011/07/twsl2011-007-ios-ssl-implementation-does-not-validate-certificate-chain.html