Blog Posts Tagged with "DigiNotar"

0a8cae998f9c51e3b3c0ccbaddf521aa

The Growing Importance of Protecting Certificate Authorities

April 08, 2012 Added by:Rafal Los

We've seen a few of the largest CAs get compromised and fake certificates end up in the hands of nation-states which wanted to spy on their population. It goes without saying that there are likely more attacks that we've simply either not picked up or were unreported...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Top Ten Information Security Events from 2011

January 03, 2012 Added by:Headlines

As 2011 was such an eventful year where security is concerned, no doubt many readers will point to numerous instances where they feel an episode was overlooked that should have been included in the top ten - but hey, you have to draw the line somewhere...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Ever-Clearer Vulnerabilities in Certificate Authority System

January 03, 2012 Added by:Electronic Frontier Foundation

At EFF we are big fans of HTTPS, the secure version of HTTP that allows for private conversations between websites and users who are browsing them. Though we've known that this system has been flawed for a while now, last year there were two attacks that acutely demonstrated just how brittle it is...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ENISA Releases DigiNotar Report: Operation Black Tulip

December 06, 2011 Added by:Headlines

"The Diginotar attack was an attack on the foundations of secure electronic communications (email, web browsing, web services). The above-mentioned issues should be addressed by industry and governments, to guarantee the security of service in the digital society..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Scammers Exploiting Bogus DigiNotar SSL Certificates

September 20, 2011 Added by:Headlines

Security provider Barracuda Networks has warned of a spamming campaign targeting Royal Bank of Canada customers. The spam messages falsely notify users that their SSL certificate has expired, and that in order to continue using online banking services they are required to update the certificate...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

DigiNotar Files for Bankruptcy Following Security Lapse

September 20, 2011 Added by:Headlines

DigiNotar has filed a voluntary bankruptcy petition following a serious breach of security. “We are working to quantify the damages caused by the hacker’s intrusion into DigiNotar’s system and will provide an estimate of the range of losses as soon as possible..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

DigiNotar Banned from Issuing New Digital Certificates

September 16, 2011 Added by:Headlines

"An unauthorized third party (hacker) has been active on the CA server that is used for issuing qualified certificates... The integrity of the data on the [DigiNotar] server that is used for production and issuance of qualified certificates is therefore impossible to guarantee..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Comodohacker Claims Windows Update Compromise

September 13, 2011 Added by:Headlines

“I’m able to issue Windows updates... I already reversed ENTIRE Windows update protocol, how it reads XMLs via SSL, which includes URL, KB no, SHA-1 hash of file for each update, how it verifies that downloaded file is signed using WinVerifyTrust API..."

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Hacked Certificate Authorities - Nothing Left to Trust

September 12, 2011 Added by:Rafal Los

When the very authority that helps your computer systems identify who to trust is compromised... who or what is there left to trust? I don't mean to sound alarmist, but if even half the claims this black hat hacker are making are true, we have a severe Defcon 1-style problem on our hands...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Comodo: Iran Responsible for Rogue Digital Certificates

September 08, 2011 Added by:Headlines

"The attack on Diginotar doesn't rival Stuxnet in terms of sophistication or coordination. However, the consequences of the attack on Diginotar will far outweigh those of Stuxnet. The attack on Diginotar will put cyberwar on or near the top of the political agenda of Western governments..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Preliminary Report on Bogus DigiNotar Certificates

September 06, 2011 Added by:Headlines

"A number of servers were compromised. The hackers have obtained administrative rights to the outside webservers, the CA server Relaties-CA and also to Public-CA. Traces of hacker activity started on June 17th and ended on July 22nd..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Potentially Hundreds of Bogus Digital Certificates Issued

August 31, 2011 Added by:Headlines

"Chrome's hardcoded certificate blacklist actually increased by 247 entries... When a Comodo reseller was hacked back in March and its infrastructure was used to issue rogue certs for Google, Hotmail, Yahoo and other sites, Chrome's blacklist increased with just 10 certs..."

Comments  (0)