GlobalSign audit reveals only isolated web server breach
Posted on 12 September 2011.
GlobalSign - the CA that has been named by the Comodohacker as also compromised and has stopped issuing certificates until it finished investigating these claims - has revealed that only the web server hosting its site has been compromised.


The CA has retained the services of Fox-IT, the same security audit firm that investigates the DigiNotar breach, and the audit of its infrastructure revealed that all of its other servers show no evidence of compromise.

"The breached web server has always been isolated from all other infrastructure and is used only to serve the www.globalsign.com website," it said. "As an additional precaution, we continue to monitor all activity to all services closely."

Previously, the company has claimed that its CA root was created offline, and has always been offline. "Any claim of the Comodohacker to holding a private key does not refer to the GlobalSign offline root CA," it said.

It has also announced that it plans to bring some of its services back online on Monday during a sequenced startup, but that customers might not be able to process orders until Tuesday morning. The reactivation process will be executed with the help of the Cyber Defense Institute Japan.

"All forensics are being shared with the authorities and other CAs to assist with their own investigations into other potentially related attacks," it added.

I must say that the way that GlobalSign handled this situation could be used as a good example for all CAs.

In the meantime, Apple has finally released a security update for Mac OS X Snow Leopard and Lion, which has modified the trust system configuration and has made all certificates issued by DigiNotar or in its name untrusted.






Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //