iran

Iranians have lost the right to surf the Web anonymously at Internet cafes as the government reportedly moves closer to its ultimate goal of replacing the global network with a censored national intranet.

The Iranian Cyber Police published new rules on Wednesday designed to allow officials to know exactly who is visiting what Web sites. Before they can log on, Iranians are required to provide their name, father's name, address, telephone number and national ID, according to an Iranian media report cited by Radio Free Europe. Cafe owners will be required to install security cameras and to keep all … Read more

A U.S. stealth drone in Iranian hands was hijacked by using software that spoofed GPS coordinates, forcing it to land at those coordinates, the Christian Science Monitor reported today.

Hackers reconfigured the GPS system of the RQ-170 Sentinel, forcing it to "land on its own where we wanted it to, without having to crack the remote-control signals and communications," said an unnamed Iranian engineer who said he examined the captured drone.

"The GPS navigation is the weakest point," he told the newspaper. "By putting noise [jamming] on the communications, you force the bird into … Read more

Google is telling people in Iran to change their passwords and take other security precautions in the wake of an Internet attack in which the google.com domain was spoofed.

"We learned last week that the compromise of a Dutch company involved with verifying the authenticity of websites could have put the Internet communications of many Iranians at risk, including their Gmail," Eric Grosse, Google's vice president of security engineering, wrote in a blog post last night.

"While Google's internal systems were not compromised, we are directly contacting possibly affected users and providing similar information … Read more

The number of fraudulent security certificates issued by a hacked Dutch firm has ballooned from the 247 reported last week to 531, and the main purpose of the attack appears to have been to spy on Iranian dissidents.

The list of domains for which fraudulent Secure Sockets Layer (SSL) certificates were issued by DigiNotar, a root certificate authority, now includes sites such as the CIA, MI6, Facebook, Microsoft, Skype, Twitter, and WordPress, among others, according to a list released this weekend by the Dutch Ministry of Justice. In the wake of the new revelations, the Dutch government has reportedly expressed … Read more

A Dutch company appears to have issued a digital certificate for Google.com to someone other than Google, who may be using it to try to re-direct traffic of users based in Iran.

Yesterday, someone reported on a Google support site that when attempting to log in to Gmail the browser issued a warning for the digital certificate used as proof that the site is legitimate, according to this thread on a Google support forum site.

"Today, when I tried to login to my Gmail account I saw a certificate warning in Chrome," someone using the screen name &… Read more

SAN FRANCISCO--A year ago, Ralph Langner was plugging away in relative obscurity, doing security consulting work for the industrial control system industry in his Hamburg headquarters. Then along came Stuxnet, the first malware targeting not consumer financial data like so many viruses these days but the very systems he knows so well--software used to control processes in manufacturing and utility plants.

The sophistication behind Stuxnet, which appeared last July, was fairly clear from the get-go. It spreads via unpatched holes in Windows and USB devices, drops a rootkit to hide the compromise from administrators, and uses fraudulent digital certificates to … Read more

The hacker group Anonymous has its next denial-of-service (DoS) target in sight: Iran, CNET has learned.

Members of the loosely organized group are planning "Operation Iran," an attack designed to shut down Iranian Web sites beginning Sunday, according to their latest online proclamation. May 1 is International Worker's Day.

"The people of Iran have the admiration of Anonymous, and the entire world," the statement says. "We can see that Iran still suffers at the hands of those in power. Your former government has seized control, and tries to silence you. People of Iran--your rights … Read more

Iran is investigating new malware dubbed "Stars" that government officials say is being targeted at the country as part of ongoing cyberattacks.

"The particular characteristics of the Stars virus have been discovered," Gholamreza Jalali, commander of the Iranian civil defense organization, told the Mehr news agency according to Reuters.

"The virus is congruous and harmonious with the (computer) system and in the initial phase it does minor damage and might be mistaken for some executive files of government organizations," he said, declining to specify what equipment the virus targets.

Jalali said efforts to contain … Read more

After a hacker obtained fraudulent digital certificates that could be used to impersonate Google, Yahoo, Skype, and other major Web sites, the security company that issued them blamed the Iranian government.

There is only "one conclusion," Comodo, the Jersey City, N.J.-based issuer of digital certificates said in a report tracing the intrusion to Iran. "This was likely to be a state-driven attack."

Well, not quite. The perpetrator claims to be a 21-year-old Iranian patriot--a "single programmer with the experience of 1,000 programmers"--who told CNET he carried out the intrusion in … Read more