Thursday, August 7, 2008
A network security vulnerability recently identified in the domain name system (DNS) which could allow hackers to hijack websites also affects email servers, the researcher who discovered the problem has said.
Commenting on Wednesday, Dan Kaminsky said that the flaw allowed malicious users to bypass email filters and intercept messages.
The Associated Press reported that the sensitive nature of email correspondence means that this silent attack could have large email security implications.
Kaminksy explained that hackers could potentially plant themselves between senders and recipients and grab copies of messages while in transit.
However, speaking at the Black Hat security conference, he praised major players for a rapid response in developing patches for the flaw.
"The industry has rallied like we've never seen the industry rally before," he told attendees at the expo.
Originally identified last month, Kaminsky withheld details of the network security vulnerability to allow vendors to develop fixes to the problem, although explanations of the DNS flaw were leaked on the internet prior to the Black Hat conference.
Related News:
Cybercrime is a geopolitical issue - 11.14.2008
As cybercrime has become ever more lucrative, hacking has taken on a geopolitical dimension, SC Magazine has claimed.
Phishing scams an added burden on Wall St - 11.7.2008
Working group launches phishing scam guidance - 11.4.2008
The Anti-Phishing Working Group (APWG) has issued new guidance for domain registrars which aims to help them identify websites used to launch phishing scams.
Sarkozy smells a phish - 10.21.2008
French president Nicolas Sarkozy has derided the state of email security after being caught out by a phishing scam.
The year's biggest email security scams - 10.21.2008
The launch of phishing scams purporting to originate from hurricane recovery charities is one of the biggest email security stories of the year so far.
