Details have emerged as to how hackers managed to take down the entire DNS infrastructure of a Brazilian bank in order to rob customers in October of last year. By using certificates from Lets Encrypt, the thieves were able to transfer all 36 of the banks domains to phony websites, where unsuspecting users would give away their details. Kevin Bocek, Chief Cyber-Security Strategist at Venafi commented below.
Kevin Bocek, Chief Cyber-Security Strategist at Venafi:
“Cybercriminals can now steal money by taking advantage of the one security measure every Internet user has been trained to trust: the green padlock in web browsers. These padlocks are supposed to signify a trusted digital certificate is in use, but now bad actors can obtain them for free. This attack is part of a much larger problem that jeopardizes the system of trust behind all digital commerce. Security professionals don’t understand the scale and scope of this problem and they don’t have the tools they need to control it.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Meta’s fine over data privacy breaches underscores the critical challenges…
Hi, Thanks, that is really useful information. I do have…
“This is a very worrying attack that hit T-Mobile and…
“This latest cyberattack against T-Mobile may be smaller than previous…
“Genesis Market is a complex global criminal access marketplace. Buyers…