Details have emerged as to how hackers managed to take down the entire DNS infrastructure of a Brazilian bank in order to rob customers in October of last year. By using certificates from Lets Encrypt, the thieves were able to transfer all 36 of the banks domains to phony websites, where unsuspecting users would give away their details. Kevin Bocek, Chief Cyber-Security Strategist at Venafi commented below.
Kevin Bocek, Chief Cyber-Security Strategist at Venafi:
“Cybercriminals can now steal money by taking advantage of the one security measure every Internet user has been trained to trust: the green padlock in web browsers. These padlocks are supposed to signify a trusted digital certificate is in use, but now bad actors can obtain them for free. This attack is part of a much larger problem that jeopardizes the system of trust behind all digital commerce. Security professionals don’t understand the scale and scope of this problem and they don’t have the tools they need to control it.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…