http://www.informationweek.com/news/security/attacks/232600151 By Mathew J. Schwartz InformationWeek February 02, 2012 Several successful hacks of VeriSign's network, in 2010, might have compromised critical information relating to the Internet's domain name system (DNS). According to information released by VeriSign in October 2011, "we have investigated and do not believe these attacks breached the servers that support our domain name system network." But the company didn't rule out that information relating to the DNS network wasn't stolen in the attacks, which occurred before some assets of the company were acquired by Symantec in 2010. VeriSign helps manage the DNS--which enables IP addresses to be mapped to textual website names--as well as the ".com" top-level domain. But the company also provides user authentication services, offers website security services, conducts cybercrime research, and signs code, to authenticate updates from such software vendors as Microsoft and Adobe, as well as for Java. Thursday, however, Symantec said that the attackers definitely hadn't accessed certain critical systems. "The Trust Services (SSL), User Authentication (VIP), and other production systems acquired by Symantec were not compromised by the corporate network security breach mentioned in the VeriSign Inc. quarterly filing," spokeswoman Nicole Kenyon said via email. "Symantec takes the security and proper functionality of its solutions very seriously." [...] _____________________________________________________ Did a friend send you this article? Make it your New Year's Resolution to subscribe to InfoSec News! http://www.infosecnews.org/mailman/listinfo/isnReceived on Fri Feb 03 2012 - 01:15:28 PST
This archive was generated by hypermail 2.2.0 : Fri Feb 03 2012 - 01:21:17 PST