DigiNotar files for bankruptcy
Posted on 20 September 2011.
After having its SSL and EVSSL certificates deemed untrustworthy by the most popular browsers, VASCO announced that DigiNotar, filed a voluntary bankruptcy petition and was declared bankrupt today.


This is unsurprising, since a report issued by security audit firm Fox-IT, who has been hired to investigate the now notorious DigiNotar breach, revealed that things were far worse than we were led to believe.

"The most critical servers contain malicious software that can normally be detected by anti-virus software," it says. "The separation of critical components was not functioning or was not in place. We have strong indications that the CA-servers, although physically very securely placed in a tempest proof environment, were accessible over the network from the management LAN."

All CA servers were members of one Windows domain and all accessible with one user/password combination. Moreover, the used password was simple and susceptible to brute-force attacks.

"Although we are saddened by this action and the circumstances that necessitated it," said T. Kendall Hunt, VASCO's Chairman and CEO. "We would like to remind our customers and investors that the incident at DigiNotar has no impact on VASCO's core authentication technology. The technological infrastructures of VASCO and DigiNotar remain completely separated, meaning that there is no risk for infection of VASCO's strong authentication business. We also plan to cooperate with the Dutch government in its investigation of the person or persons responsible for the attack on DigiNotar."





Spotlight

(IN)SECURE Magazine issue 45 released

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Mar 5th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //