Security Alerts & News
by Tymoteusz A. Góral

History
#1404 How one man could have owned GitHub, and what happened next…
A WoSign customer wanted to acquire a certificate for the server name med.ucf.edu, a subdomain of the University of Central Florida’s domain ucf.edu.

The customer was duly authorised to run this subdomain, which belongs to the College of Medicine, so WoSign was correct to approve it.

However (and, in hindsight, by good fortune), the customer also accidentally applied for a certificate for www.ucf.edu, presumably having mistyped www.med.ucf.edu.

To his surprise (I am guessing at the customer’s gender here), the second application was approved as well.

This turned out to be more than just a one-off, because the customer did a second test, using a certificate in the name of another domain he had the right to control, namely anaccount.github.com (and anaccount.github.io).

Deliberately following the same faulty path that he had followed by mistake in his previous application, he ended up with a vouched-for certificate for all of github.com, github.io, and www.github.io.

As these are the primary server names for the popular source code hosting service GitHub, this would have been a blunder with serious consequences if a crook were to have spotted this trick and acquired the dodgy GitHub certificate with cybercrime in mind.
Read more
#1406 Research: Companies fear mobile devices as massive cybersecurity threat
#1405 Cybercrime and cyberwar: A spotter's guide to the groups that are out to get you
#1404 How one man could have owned GitHub, and what happened next…
#1403 Building a new Tor that can resist next-generation state surveillance
#1402 New version of Cerber ransomware distributed via malvertising
#1401 Dropbox hackers stole e-mail addresses, hashed passwords from 68M accounts
#1400 Fairware attacks targeting Linux servers
#1399 So much for counter-phishing training: Half of people click anything sent to them
#1398 Thousands of security threats happen every five minutes: Trend Micro VP
#1397 SWIFT warns banks of more cyberattacks
#1396 Chrome 53 fixes address spoofing vulnerability and 32 other bugs
#1395 Hackers stole over 43 million Last.fm accounts in 2012 breach
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12