Rico's rants: Google and Yahoo impersonators

31 July 2014

Google and Yahoo impersonators

Apex, Rico's ISP, has an important warning:

Don’t trust Google and Yahoo just yet; they might be fake! On 10 July 2014, Microsoft issued a warning concerning the nature of identical SSL certificates and domains of some popular sites that might allow malicious copycat sites to emerge. As of now, the cause is unknown, but we know that this could be dangerous if you’re not prepared to deal with it.
The bulk of the security advisory warns that the National Informatics Centre (NIC) of India released a number false domains and security certificates. Many of these domains belonged to Google and Yahoo, and could potentially lead to spoofing attacks by companies posing as the real deal (or what Larry Seltzer of ZDnet calls “man-in-the-middle” attacks). The worst part of this whole debacle is that programs will likely trust these certificates.
The Microsoft advisory states that they have updated the Certificate Trust List for all supported versions of Windows, which resolves the issue for many users of Microsoft’s operating system. However, it should be noted that Windows XP does not receive this fix, and XP users will be vulnerable to this threat.
The advisory provides a list of all affected software. Several domains were also assigned, including, but not limited to:
google.com
m.gmail.com
gstatic.com
mail.yahoo.com
static.com
If you are currently running Windows 8 or higher, your system will use an automatic updater that will fix the issue for you. Windows 7 received a similar fix last year that has resolved the problem. Not to beat the dead cyber-horse, but if you haven’t upgraded away from Windows XP, you should strongly consider it; not only is your company’s data on the line, but so is your personal information.
If you have any concerns about the latest security threats and vulnerabilities, contact Apex IT Group at 877-799-2739. We’ll work with you to make sure that your network is as secure as can be.