[ISN] New hack on Comodo reseller exposes private data

From: InfoSec News <alerts_at_private>
Date: Wed, 25 May 2011 02:51:36 -0500 (CDT)

By Dan Goodin in San Francisco
The Register
24th May 2011

Yet another official reseller of SSL certificate authority Comodo has 
suffered a security breach that allowed attackers to gain unauthorized 
access to data.

Brazil-based ComodoBR is at least the fourth Comodo partner to be 
compromised this year. In March, the servers of a separate registration 
authority were hacked by attackers who used their access to forge 
counterfeit certificates signed with Comodo's root signing key. Comodo 
admitted that two more of its resellers were hit in similar attacks, 
although no keys were issued.

Comodo has so far declined to name the resellers.

The SQL-injection attack on ComodoBR exploited vulnerabilities in the 
company's web applications that allowed the hackers to pass database 
commands to the website's backend server. The attackers posted two data 
files that appeared to show information related to certificate signing 
requests, in addition to email addresses, user IDs, and password 
information for a limited number of employees.

Comodo president and CEO, Melih Abdulhayoglu, said Comodo systems were 
never compromised. He also said no certificates were issued as a result 
of the breach, and that the reseller had no access to Comodo databases.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Wed May 25 2011 - 00:51:36 PDT

This archive was generated by hypermail 2.2.0 : Wed May 25 2011 - 00:59:10 PDT