Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


nunz

1423 posts

Uber Geek
Inactive user


#238073 2-Jul-2018 12:03
Send private message

I got an expired cert message when logging in - *.io   Expired July 1. 

 

 


Create new topic
freitasm
BDFL - Memuneh
68843 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #2047390 2-Jul-2018 12:05
Send private message

Sorry, no idea - *.io? Could you please be more precise?





 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


nunz

1423 posts

Uber Geek
Inactive user


  #2047394 2-Jul-2018 12:12
Send private message

freitasm:

 

Sorry, no idea - *.io? Could you please be more precise?

 

 

Eset popped up an invalid cert warning when logging on - ended in .io.    Expired 1 July. Looked like part of a chain from a CDN content provider or similar . 

 

 


 
 
 
 


UHD

UHD
656 posts

Ultimate Geek
Inactive user


  #2047862 2-Jul-2018 20:45
Send private message

I think freitasm might have been asking for the characters directly before the .io in order to chase this up.


freitasm
BDFL - Memuneh
68843 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #2047863 2-Jul-2018 20:47
Send private message

I am thinking probably an external service as we do not directly use any .io domain.





 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


Aredwood
3885 posts

Uber Geek


  #2047942 3-Jul-2018 00:21

nunz:

I got an expired cert message when logging in - *.io   Expired July 1. 


 



Definitely investigate this. As I'm guessing that *.io would be a wildcard certificate for every website that happens to have a .io domain. Such a certificate will almost certainly be fraudulent.

This is a very big red flag that someone is trying or has successfully completed a MITM attack on your internet connection or browser.

Note that some corporate devices have self signed certificates to allow the company to monitor what employees do online, including on secure websites.





nunz

1423 posts

Uber Geek
Inactive user


  #2051084 7-Jul-2018 13:30
Send private message

Aredwood:
nunz:

 

I got an expired cert message when logging in - *.io   Expired July 1. 

 

 

 

 

 



Definitely investigate this. As I'm guessing that *.io would be a wildcard certificate for every website that happens to have a .io domain. Such a certificate will almost certainly be fraudulent.

This is a very big red flag that someone is trying or has successfully completed a MITM attack on your internet connection or browser.

Note that some corporate devices have self signed certificates to allow the company to monitor what employees do online, including on secure websites.

 

 

 

I've run tests on all systems and my firewall  / outer system is pretty much invisible / closed.

 

browser passes all av checks from three AVs as well as malware etc checks.

 

It is bog standard firefox with almost all addins turned off / deleted.

 

It felt like a CDN message  - something from an advert or third party part of the page


hio77
'That VDSL Cat'
12609 posts

Uber Geek

Trusted
Subscriber

  #2051086 7-Jul-2018 13:36
Send private message

my .io domains are fine?.. 

 

 

 

Sounds like a MITM attack imo, maybe just a poorly setup network with transparent injection?





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 


Create new topic





News »

Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS16211+
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13


Teletrac Navman launches integrated multi-camera solution for transport and logistics industry
Posted 8-Oct-2020 10:57


Farmside hits 10,000 RBI customers
Posted 7-Oct-2020 15:32


NordVPN starts deploying colocated servers
Posted 7-Oct-2020 09:00


Google introduces Nest Wifi routers in New Zealand
Posted 7-Oct-2020 05:00


Orcon to bundle Google Nest Wifi router with new accounts
Posted 7-Oct-2020 05:00


Epay and Centrapay partner to create digital gift cards
Posted 2-Oct-2020 17:34


Inseego launches 5G MiFi M2000 mobile hotspot
Posted 2-Oct-2020 14:53









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.