http://www.theregister.co.uk/2011/12/08/certificate_authority_hacked/ By Dan Goodin in San Francisco The Register 8th December 2011 Websites belonging to a Netherlands-based issuer of digital certificates were unavailable following reports hackers penetrated their security and accessed databases that should have been off limits. Dutch telecommunications giant KPN issued a statement (translation here) that said it temporarily shut the website of it's Gemnet subsidiary while it investigated the hack. A second website belonging to a KPN subsidiary that issues digital certificates to the Dutch government was also taken down. The breach, which was first reported by Webwereld journalist Brenno de Winter, is the latest to compromise one of the several hundred online businesses authorized to mint digital certificates millions of websites and government and corporate networks rely on to shield communications from eavesdroppers. In August, another Netherlands-based certificate authority also suspended operations after it issued a fraudulent secure sockets layer certificate for Google. DigiNotar eventually went bankrupt after an investigation revealed that shoddy security led to the issuance of dozens of counterfeit credentials, including one for Google Mail that was used to target more than 300,000 people accessing their Gmail accounts. [...] _____________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isnReceived on Fri Dec 09 2011 - 01:14:47 PST
This archive was generated by hypermail 2.2.0 : Fri Dec 09 2011 - 01:12:40 PST