Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


The Security Mirage of the Browser Padlock

Feb 25, 2011, 00:03 (0 Talkback[s])
(Other stories by Idan Aharoni)

"After Your Secure SSL Session Ends, Merchants can Theoretically Keep your Entire Customer Profile in Clear Text. Attackers love to Exploit Vulnerabilities in Online Stores to Steal that Data.

"During Anonymous' Operation Payback, in which they conducted DDOS attacks against organizations that supposedly "wronged" Wikileaks, a part of the group suggested that they should try and embarrass these organizations in other manners. One of the proposed ideas was to create a fake list of several thousand credit cards, claiming that they have been compromised. They anticipated that this news would be perceived as shocking, causing damage to the reputation of their targets. Why eventually the group has decided not to go ahead with the plan is unknown. A possible explanation would be that they've learned the real amounts of compromised credit cards. The TJX compromise alone spanned 45.6 million cards and the news media these days is filled with stories about other mass compromises, so a bogus story about a few thousand compromised cards wouldn't even cause a dent.

"SSL False Sense of SecurityThe big compromises that hit the news only tell a part of the story. As Black Hat hackers have traded their morals for profits long ago, smaller online merchants have also been prey to hacking attempts."

Complete Story

Related Stories: