DigiNotar files for bankruptcy
Posted on 20 September 2011.
After having its SSL and EVSSL certificates deemed untrustworthy by the most popular browsers, VASCO announced that DigiNotar, filed a voluntary bankruptcy petition and was declared bankrupt today.


This is unsurprising, since a report issued by security audit firm Fox-IT, who has been hired to investigate the now notorious DigiNotar breach, revealed that things were far worse than we were led to believe.

"The most critical servers contain malicious software that can normally be detected by anti-virus software," it says. "The separation of critical components was not functioning or was not in place. We have strong indications that the CA-servers, although physically very securely placed in a tempest proof environment, were accessible over the network from the management LAN."

All CA servers were members of one Windows domain and all accessible with one user/password combination. Moreover, the used password was simple and susceptible to brute-force attacks.

"Although we are saddened by this action and the circumstances that necessitated it," said T. Kendall Hunt, VASCO's Chairman and CEO. "We would like to remind our customers and investors that the incident at DigiNotar has no impact on VASCO's core authentication technology. The technological infrastructures of VASCO and DigiNotar remain completely separated, meaning that there is no risk for infection of VASCO's strong authentication business. We also plan to cooperate with the Dutch government in its investigation of the person or persons responsible for the attack on DigiNotar."





Spotlight

The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //