GlobalSign audit reveals only isolated web server breach
Posted on 12 September 2011.
GlobalSign - the CA that has been named by the Comodohacker as also compromised and has stopped issuing certificates until it finished investigating these claims - has revealed that only the web server hosting its site has been compromised.


The CA has retained the services of Fox-IT, the same security audit firm that investigates the DigiNotar breach, and the audit of its infrastructure revealed that all of its other servers show no evidence of compromise.

"The breached web server has always been isolated from all other infrastructure and is used only to serve the www.globalsign.com website," it said. "As an additional precaution, we continue to monitor all activity to all services closely."

Previously, the company has claimed that its CA root was created offline, and has always been offline. "Any claim of the Comodohacker to holding a private key does not refer to the GlobalSign offline root CA," it said.

It has also announced that it plans to bring some of its services back online on Monday during a sequenced startup, but that customers might not be able to process orders until Tuesday morning. The reactivation process will be executed with the help of the Cyber Defense Institute Japan.

"All forensics are being shared with the authorities and other CAs to assist with their own investigations into other potentially related attacks," it added.

I must say that the way that GlobalSign handled this situation could be used as a good example for all CAs.

In the meantime, Apple has finally released a security update for Mac OS X Snow Leopard and Lion, which has modified the trust system configuration and has made all certificates issued by DigiNotar or in its name untrusted.






Spotlight

Android Fake ID bug allows malware to impersonate trusted apps

Posted on 29 July 2014.  |  Bluebox Security researchers unearthed a critical Android vulnerability which can be used by malicious applications to impersonate specially recognized trusted apps - and get all the privileges they have - without the user being none the wiser.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //