[PLUG-TALK] Web Certificate System Cracked

Rich Shepard rshepard at appl-ecosys.com
Sun Sep 11 15:01:04 PDT 2011


   This is a very interesting article:

                         <http://tinyurl.com/3s2hzlz>

about an Iranian cracker who stole certificate authority from three issuers.
The Dutch site must be running Microsoft because, the article reports, "The
company’s critical servers contained malicious software that should have
been spotted by antivirus tools, the report said, and the servers related to
certificates were all protected by just one weak password. DigiNotar did not
respond to requests for comment last week."

   I'm sure those of you professionals who understand this corner of the 'Net
will have valuable insights into this situation. I look forward to reading
your comments.

Rich



More information about the PLUG-talk mailing list