|
From InfoWorld: Google said late Sunday that an attack mounted against its Gmail service targeted users primarily located in Iran, although the company has taken steps to block further interception attempts. Google discovered that attackers had acquired a Secure Sockets Layer (SSL) certificate valid for any website in the google.com domain. The SSL certificate is used to vouch for the authenticity of websites and protect against security threats such as "man-in-the-middle" attacks. Private companies, known as certificate authorities (CAs), make money from issuing digital certificates, although experts have pointed out there are many weaknesses in how certificates are issued that could undermine security. In this case a Dutch CA, DigiNotar, issued an SSL certificate for the google.com domain on July 10, without Google's knowledge. It has since revoked the certificate. View: Article @ Source Site |
 |
Google says Gmail attack focused on Iranian targets
© Since 2005 APH Networks Inc. All trademarks mentioned are the property of their respective owners.