After security scare, Facebook backs Google’s rogue certificate tracker
Facebook has vouched for a Google-made security system after it helped discover two potentially rogue certificates that were recently used for several fb.com subdomains.
Facebook has vouched for a Google-made security system after it helped discover two potentially rogue certificates that were recently used for several fb.com subdomains.
Symantec needs to fully explain how it came to issue rogue digital certificates for Google domains or face the wrath of Google and a Chrome blockade.
Nearly three years after now-defunct Dutch digital certificate authority Diginotar was compromised, would-be hackers are still trying to use its digital certificates to sneak malware onto outdated and insecure systems, according to a Symantec security expert.
David Braue | 14 Mar | Read more
Responding to the increasing number of threats aimed at certificate authorities and the ecosystem of trusted online transactions they represent, seven certificate authorities have come together to form an advocacy group to advance security standards and promote best practices.
Thor Olavsrud | 15 Feb | Read more
Experts agree that the security industry as a whole could benefit from sharing more information about malware and attacks
Antone Gonsalves | 12 Feb | Read more
The 2011 security breach at Dutch certificate authority (CA) DigiNotar resulted in an extensive compromise and was facilitated in part by shortcomings in the company's network segmentation and firewall configuration, according to Fox-IT, the security company contracted by the Dutch government to investigate the incident.
Lucian Constantin | 31 Oct | Read more
Hacked Dutch certificate authority DigiNotar on Monday filed for bankruptcy, its US authentication company parent Vasco announced.
GlobalSign expects to bring its certificate-issuing systems back online on Monday, and resume business Tuesday, it said over the weekend. The U.S. certificate authority (CA) stopped issuing new SSL certificates last Tuesday in order to audit its security, after being named as a target by the hacker who claimed to have attacked Dutch CA DigiNotar.
John Ribeiro | 12 Sep | Read more
Google is directly contacting users in Iran, who may have been compromised by a rogue SSL certificate, to recommend measures to secure their accounts.
John Ribeiro | 09 Sep | Read more
Following the high-profile hack of DigiNotar, the makers of the Firefox browser are asking issuers of digital certificates to take a hard look at their internal security and to report back in a week.
Robert McMillan | 09 Sep | Read more
The world’s fifth largest issuer of SSL (secure sockets layer) certificates, Global Sign, has stopped issuing certificates following a claim that its systems were compromised.
Browser makers have generally been quick to react to the computer compromise at digital certificate issuer DigiNotar, but that hasn't been the case for all mobile phone makers.
Robert McMillan | 07 Sep | Read more
The so-called Comodo Hacker has claimed credit for the breach of Dutch SSL (secure sockets layer) certificate authority DigiNotar, now known to be behind 531 forged certificates.
Iranian internet users whose security may have been compromised by the forged Google.com digital certificate could number in the hundreds of thousands. An interim report (PDF) commissioned by DigiNotar, the certification authority (CA) at the centre of the hacking incident, also reveals lax security at the Dutch firm.
Stilgherrian | 06 Sep | Read more
On 28 August Iranian citizens were subjected to a far reaching cyber snooping operation made possible by an attack on Dutch certificate authority DigiNotar.