Heart of Texas Network Consultants Blog

Heart of Texas Network Consultants has been serving the Central Texas area since 1992, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Alert: Google and Yahoo Doppelgangers Threaten the Internet

b2ap3_thumbnail_doppleganger_scam_400.jpgDon't trust Google and Yahoo just yet - they might be fake! On July 10th, 2014, Microsoft issued a warning concerning the nature of identical SSL certificates and domains of some popular sites that might allow malicious copycat sites to emerge. As of now, the cause is unknown, but we know that this could be dangerous if you're not prepared to deal with it.

The bulk of the security advisory warns that the National Informatics Centre (NIC) of India released a number false domains and security certificates. Many of these domains belonged to Google and Yahoo, and could potentially lead to spoofing attacks by companies posing as the real deal (or what Larry Seltzer of ZDnet calls "man-in-the-middle" attacks). The worst part of this whole debacle is that programs will likely trust these certificates.

The Microsoft advisory states that they have updated the Certificate Trust List for all supported versions of Windows, which resolves the issue for many users of Microsoft's operating system. However, it should be noted that Windows XP does not receive this fix, and XP users will be vulnerable to this threat.

The advisory provides a list of all affected software. Several domains were also assigned, including, but not limited to:

  • google.com
  • m.gmail.com
  • gstatic.com
  • mail.yahoo.com
  • static.com

If you are currently running Windows 8 or higher, your system will use an automatic updater that will fix the issue for you. Windows 7 received a similar fix last year that has resolved the problem. Not to beat the dead cyber-horse, but if you haven't upgraded away from Windows XP, you should strongly consider it - not only is your company's data on the line, but so is your personal information.

If you have any concerns about the latest security threats and vulnerabilities, contact Heart of Texas Network Consultants at (254) 848-7100. We'll work with you to make sure that your network is as secure as can be.

Google Strengthens Zero-Day Exploit Research
Forget 3D Movies - 3D Printing is the New Thing
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, November 22 2024

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Blog Archive

2012
January
February
March
April
May
June
August
September
October
November
December