GlobalSign resumes issuing security certificates Skip to main content

GlobalSign resumes issuing security certificates

Belgian security firm GlobalSign is to resume issuing website authentication certificates, after a hacker claimed to have breached its systems.
The company is still investigating whether bogus certificates were created in its name.
Had that happened, cyber criminals would have been able to spy on users accessing supposedly secure sites.
An earlier attack on Dutch company DigiNotar resulted in several hundred false certificates being issued.
GlobalSign said it would start bringing its systems back online on Monday, but did not expect to be processing new certificates until Tuesday.
The company posted a statement on its website: "We are adopting a high threat approach to bringing services back online and we are working with a number of organisations to audit the process of bringing the services back online."
As well an an internal audit, GlobalSign has also asked an external security consultant - Fox IT - to review its systems. The same company carried out an investigation into the attack on DigiNotar.
Even as it was preparing to resume issuing authorisation certificates, GlobalSign experienced an attack on a separate system used to operate its website.
The company said that the server was isolated from the rest of its infrastructure and only used to serve www.globalsign.com.
Anonymous claims GlobalSign temporarily halted the creation of new certificates in response to an anonymous posting uploaded to the pastebin website.
Authentication certificate Authentication certificates are used to verify secure websites
The author, who identified themselves only as "ComodoHacker", claimed to have gained access to four certificate authorities, in addition to DigiNotar.
There was no hard evidence that GlobalSign's systems were compromised.
However it decided to take the precaution because of the severity of the earlier attack on DigiNotar.
It is believed that at least 500 false certificates were created with that company's system. Many ended up being used in Iran, potentially giving users a false sense of security when accessing services such as GMail.
Authentication certificates are used by some websites to give their users secure access.
Typically these take the form of a TLS or SSL connection - which can be identified by the appearance of a padlock logo and "https" prefix.
Together, they are supposed to guarantee that the site is what it appears to be, and that the user's session is not being monitored.
Hundreds of bodies - known as certificate authorities (CAs) - are allowed to provide such authentication.

http://www.bbc.co.uk/news/technology-14879998
Labels:

Comments

Post a Comment

Popular posts from this blog

Sri Bhaddanta Chandramani Mahathera

The Life Story of A Distinguished And Outstanding Bhikkhu The Most Venerable Saradawpharagree Sri Bhaddanta Chandramani Mahathera The Buddhist missionary Saradaw Ashin U Chandramani was endowed with great gifts and led a famous and long life. He was a very well known, distinguished and outstanding Bhikkhu Mahathera. While living in the Kushinagar Monastery, a place close to where the Lord Buddha had passed away to Nirvana, the Government of India had offered, and he had accepted, the highest, most honourable and respected title "Guru Guru MahaGuru". He became the first ever President of all Buddhists in India.A World Buddhist Conference took place in Kathmandu during the reign of King Mahindra of Nepal. The Conference was very well attended by over one hundred thousand Buddhists from various parts of the world and it was opened by King Mahindra himself. As requested by the King, Saradawpharagree blessed all the participants with the power of Triple Gems...
Post a Comment
Read more

Thai penis whitening trend raises eyebrows

Image copyright LELUXHOSPITAL Image caption Authorities warn the procedure could be quite painful A supposed trend of penis whitening has captivated Thailand in recent days and left it asking if the country's beauty industry is taking things too far. Skin whitening is nothing new in many Asian countries, where darker skin is often associated with outdoor labour, therefore, being poorer. But even so, when a clip of a clinic's latest intriguing procedure was posted online, it quickly went viral. Thailand's health ministry has since issued a warning over the procedure. The BBC Thai service spoke to one patient who had undergone the treatment, who told them: "I wanted to feel more confident in my swimming briefs". The 30-year-old said his first session of several was two months ago, and he had since seen a definite change in the shade. 'What for?' The original Facebook post from the clinic offering the treatment, which uses lasers to break do...
1 comment
Read more

Three Dead, Seven Injured by Artillery Shells in Two Incidents in Myanmar’s Mrauk-U

By MIN AUNG KHINE 2 December 2019 Sittwe, Rakhine State –Three Mrauk-U township residents died and four others were injured when an artillery shell struck their community in the Ale Zay quarter of Mrauk-U town on Monday afternoon after 4 p.m. A month-old girl, a 4-year-old boy and a 30-year-old woman died, according to Dr. Khin Maung Yin, the head of Mrauk-U hospital. He said, “A man and three other women were injured. One of the women sustained severe injures to her left leg and her right knee was dislocated. The injured will be operated on.” Details of what occurred were not yet known. A few hours earlier, three civilians were injured when an artillery shell fell on the village of Na Leik in Mrauk-U Township, Rakhine State, western Myanmar, on Monday at around 1 p.m., according to Yan Aung Pyin village-tract administrator U Sein Hla Aung. Two females, aged 13 and 27, and an 18-year-old male were injured in the incident, he said. Three people were hit by shrapnel and we have...
Post a Comment
Read more